PuterCare
Members-
Posts
114 -
Joined
-
Last visited
-
Peter Randziak reacted to a post in a topic: Agent install ends prematurely and fails
-
Agent install ends prematurely and fails
PuterCare replied to PuterCare's topic in ESET PROTECT On-prem (Remote Management)
Thanks, I can confirm this module is now working. -
Agent install ends prematurely and fails
PuterCare replied to PuterCare's topic in ESET PROTECT On-prem (Remote Management)
I just unassigned the update policy from the All group, created a new live agent installer and set the All group as the parent and now it installs ok. Is this a known issue then and do you know if it will be fixed? It will be annoying to have to remove all assigned policies from each static group and recreate each agent. Thanks -
Agent install ends prematurely and fails
PuterCare replied to PuterCare's topic in ESET PROTECT On-prem (Remote Management)
I included EES with the AIO installer and I selected a static group. I have no policies assigned to the Lost and Found group, the All group only has the default update policy assigned. I just created a new agent installer and selected the All group, ran it and it still fails. -
Agent install ends prematurely and fails
PuterCare replied to PuterCare's topic in ESET PROTECT On-prem (Remote Management)
It's already installed: Configuration module 2127.2 (20240607) -
Agent install ends prematurely and fails
PuterCare replied to PuterCare's topic in ESET PROTECT On-prem (Remote Management)
This was a brand new Dell machine with no ESET products installed, I tried the agent installer from ESET PROTECT first which failed, I then tried AIO which failed, I downloaded the GPO config and installed using a fresh agent installer from ESET support and it also failed. -
Agent install ends prematurely and fails
PuterCare replied to PuterCare's topic in ESET PROTECT On-prem (Remote Management)
Of course I mean ESET PROTECT On-Prem rather than ESMC. ESET PROTECT on-prem (Server), Version 11.0 (11.0.199.0) ESET PROTECT on-prem (Web Console), Version 11.0 (11.0.193.0) Virtual appliance -
I regularly install the agent using the live agent installer script from ESMC, for some reason today it is failing on multiple systems and multiple networks. I have followed the steps in kb406 and saved the log, it has my ESMC server hostname in it so won't attach to the thread. The AIO installer also fails, I tried running the removal tool from safe mode and trying again but have the same issue. I can install EES standalone without a problem. The log was taken from a sandbox but I had the issue on two physical machines, brand new PCs which I am setting up. Thanks
-
PuterCare reacted to a post in a topic: HIPS allow rules, possible to allow a particular script to be ran?
-
I have the HIPS rules enabled, but they are blocking some scripts from running. I have a script that auto-updates some applications: C:\Windows\system32\wscript.exe "C:\ProgramData\Winget-AutoUpdate\Invisible.vbs" "powershell.exe -NoProfile -ExecutionPolicy Bypass -File """C:\ProgramData\Winget-AutoUpdate\user-run.ps1"" When it is ran, it is blocked: 01/12/2023 11:01:36;C:\Windows\explorer.exe;Start new application;C:\Windows\system32\wscript.exe;Blocked;Deny script processes started by explorer; I'd rather not turn this rule off as in most instances, we do not want to let explorer start wscript etc. I have tried adding a rule but they seem to be so broad that I can allow one process to launch another, but I can't seem to be any more specific than that. Is there any way around this other than turning the rule off? Thanks
-
Strange one here, Eset Internet Security 16.2.15.0, Microsoft Edge (latest version) with Adobe PDF integration enabled. Reports from multiple separate customers, all with EIS in common, no such reports from EES customers. PDF opens in Edge and is presented correctly. When the user tries to save the open PDF, the normal save dialogue opens, when they type the filename, random characters are printed instead of what they are actually typing. These random characters are sequential in relation to the keyboard i.e. they could type "testing" and "qwertyu" will be printed, sometimes text will start from a different part of the keyboard. It is as if it is obfuscating what is typed to prevent a keylogger from being able to work. Text I type using my Teamviewer remote connection appears fine, it is only the local keyboard that is affected. Whilst the save box is open, text typed anywhere on the computer is incorrect, as soon as the save box is closed it works ok. I have found it hard to find info on this, I lost the reference but found that years ago similar behaviour was attributed to ESET so I removed ESET and it started working ok. I reinstalled and it continued to work ok. Does anyone know if this could be ESET related and a quicker fix? Thanks
-
Interestingly enough, I just did a clean install of EES 10.1.2058 onto a VM using the standalone downloader on the eset site so I could edit the regkey and export for deployment, and the service is already in quotes - "C:\Program Files\ESET\ESET Security\efwd.exe" I will check what version my endpoints are using and see if this version has fixed it. I had deployed EES to two of these systems this week from ESET Protect using the agent. EDIT: The endpoints are on 10.1.2050, I am pushing an update now.