-
Posts
306 -
Joined
-
Last visited
-
Days Won
1
Everything posted by kamiran.asia
-
Hi Dears. Why Java Script Scanner did not turn off by disabling AV , ( EES ) For Example in Visiting : https://ssyqf.twithdiffer.xyz/RYNI?tag_id=737329&sub_id1=&sub_id2=2227852676712444495&cookie_id=da3b21e8-1815-4d76-a46d-606a571e9f87&lp=stanley&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Frovernments.xyz%2F%3Ftid%3D737329%26noocp%3D1&geo=DE&hop=7# even when EES is disabled we revive this incident : Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here 2022/08/03 10:52:09 ب.ظ;JavaScript scanner;file;https://ssyqf.twithdiffer.xyz/RYNI?tag_id=737329&sub_id1=&sub_id2=2227852676712444495&cookie_id=da3b21e8-1815-4d76-a46d-606a571e9f87&lp=stanley&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Frovernments.xyz%2F%3Ftid%3D737329%26noocp%3D1&geo=DE&hop=7;JS/Adware.Agent.AU application;blocked;KAMIRAN-PC\KAMIRAN;Event occurred during an attempt to access the web by the application: C:\Program Files\Mozilla Firefox\firefox.exe (7D00AB6EB4212686FF96D7F6BA270011828AFD89).;D7C1F521EFB886C56CD512AF8B8249C0B6D00A53;
-
Hi Dears. We are facing a bug in EES 9.1.2051. When Url Address Management policy are assign with Append - Append , we can not add addresses locally because there is no OK / Cancel buttons at the end of window when Show local rules is selected !!! You can see problem in these screenshots :
-
Hi dears , It seems that there is problem with offline repository in v9.1.1295.0 We create offline repository with newest mirror tool but can not create installers. this is the ESET protect log : 2022-07-28 20:44:02 Information: CRepositoryModule [Thread 13d4]: CMetadataProcessorV3: Downloading file from https://192.168.71.39:3128/com/eset/apps/business/eea/mac/v6/6.10.300.1/eea_osx_fin.pkg.eula/manifest.erm has failed 3 times. reposiroty server is set to hxxp://192.168.71.39:3128 , ESET Protect try to download from https !!?
-
Hi Dears. Deploy Agent task is missed in New ESET Protect Console ! When we want to deploy agent on un-managed , Wizard of creating Installer will appear. Agent install task is accessible just from server tasks. even when adding system from rogue , Agent install is not accessible. Is it bug or ... ?
-
Failed to load AD User Groups
kamiran.asia replied to kamiran.asia's topic in ESET PROTECT On-prem (Remote Management)
Any Idea dear @Marcos ? Did you hear this issue from other ? -
Yes , It seems to be FP. But we check 1.1.1.1 at https://whatismyipaddress.com/ for blacklist and find dnsbl.justspam.org mark 1.1.1.1 as blacklisted . may be ESET black list ips use these databases and these cause this FP.
-
Hi dears . From yesterday we revived this error from ESET Endpoint Security. It seems that 1.1.1.1 is marked as botnet . Event : Suspected botnet detected Detection name : Botnet.CnC.Generic Target address: 1.1.1.1 Port : 80
-
Failed to load AD User Groups
kamiran.asia replied to kamiran.asia's topic in ESET PROTECT On-prem (Remote Management)
For more info we test the AD with software like LDAP Browser and all users group and users list work find. it seems that there is no problem in AD. -
Hi Dears, We find this problem in over 4-5 ESET Protect Console that after upgrade to latest version Users Group of AD will not load with this error : Reading AD structure failed (check task configuration): Trace info: Failed to bind to the specified object (LDAP://192.168.3.2/DC=AAC,DC=LOCAL). Error code = 0x8007203a, The server is not operational. Error code: 0x8007203a While AD Users load properly ! Just " User Groups " not work ! It seems that there is a bug in new versions but not in all situations. what can we do for this issue ? Logs.zip
-
Broken previous installation in EES Upgrade
kamiran.asia replied to kamiran.asia's topic in ESET Endpoint Products
Thank you @Marcos for your rapid reply. No , They are installed from All-In-one Package Locally. also maybe installed with ESET remote Deployment tool ( Perhaps ) 99% installed locally with All-In-one installer. -
Hi Dears , We have this problem in many clients (about 5-10 Clients per Customer network ), How We can find that where is the source of these problems ? Upgrade EES from 8.0.2028.3 to 9.0.2046 As you can see it show "Detected broken previous installation" but how can this problem fix manually without using Removal Tools in safe mode ? Will ESET Installation Fixer help in these cases ? Action start 21:56:36: INSTALL. Action start 21:56:36: InstSuppCheckSha2CodeSigningSupport. Action ended 21:56:36: InstSuppCheckSha2CodeSigningSupport. Return value 1. Action start 21:56:36: LaunchConditions. Action ended 21:56:36: LaunchConditions. Return value 1. Action start 21:56:36: InstSuppForceCrossProductTypeUpgrade. ESET: Entering CA InstSupp!caForceCrossProductTypeUpgrade (limited: no) ESET: Previous product type and new product type are same. ESET: Returing from CA InstSupp!caForceCrossProductTypeUpgrade with status 0 (duration: 0.0) Action ended 21:56:37: InstSuppForceCrossProductTypeUpgrade. Return value 1. Action start 21:56:37: InstSuppValidateInstalledProduct. ESET: Entering CA InstSupp!caValidateInstalledProduct (limited: no) ESET: Detected broken previous installation ESET: Running fix MSI registry. ESET: Failed to fix MSI registry. ESET: Returing from CA InstSupp!caValidateInstalledProduct with status 1627 (duration: 21.125) CustomAction InstSuppValidateInstalledProduct returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox) Action ended 21:56:59: InstSuppValidateInstalledProduct. Return value 3. Action start 21:56:59: InstSuppFailed. ESET: Entering CA InstSupp!caOnFailed (limited: no) ESET: Analytics Report - Disabled by conditions. ESET: Failed to start InstHelper ESET: output file : C:\WINDOWS\Temp\eset\bts.stats\msi-20220328-172659.json ESET: Failed to start InstHelper (-1). ESET: Returing from CA InstSupp!caOnFailed with status 0 (duration: 0.16) Action ended 21:56:59: InstSuppFailed. Return value 1. Action ended 21:56:59: INSTALL. Return value 3. .... MSI (s) (7C:10) [21:56:59:721]: Product: ESET Endpoint Security -- Installation failed. MSI (s) (7C:10) [21:56:59:723]: Windows Installer installed the product. Product Name: ESET Endpoint Security. Product Version: 9.0.2032.6. Product Language: 1033. Manufacturer: ESET, spol. s r.o.. Installation success or error status: 1603.
-
ESET Endpoint Security 5 Not Update Any More
kamiran.asia replied to kamiran.asia's topic in ESET Endpoint Products
Thank you @Marcos for your -as usual - rapid reply , these are industrial system that can not be upgrade to win 7 or 10 , if they upgrade to XP Sp3 , V6.5 will be installed but it has a red alert now that can not be disable from console. Any Solution or advice for these cases ? -
Hi Dears, We have some legacy system with XP SP2 with Endpoint Security 5.0.2272.7 it's about many week that it can not update with any ESET Business User/Pass. it show User/Pass Error. It seems that there is a problem in ESET update Servers for ver 5.0
-
Hi Dears, We have find these logs from one of our customers ESET PROTECT Console. Both target and source device is protected with ESET Endpoint Security V9.0 without any infection. How can we find the source of these attacks at source device ? Exported CSV is attached :
-
Hi Dears, We find a bug in Server Security V8.0 on Server 2008 R2. In These two situations Network Protection will not work any more : 1- Upgrading FS 7.3 (with Enabled Network Protection) to 8.0 => it will remove Network Protection Module and even modify installer will not work any more. 2- Installed Server Security V8 : if we modify an installed Version to enable Network protection , it will not work any more. Notice : If we install Server Security 8.0 manually in modify mode , Network protection will work . But in 2 above situation Network protection will not work any more and the message "Anti-phishing protection is not Functional " will appear. We must remove Server Security and Restart Server and Install it manually to Enable Network protection. info : Update Patch Windows6.1-KB2664888-v2-x64.msu in installed