Jump to content

StotheR

Members
  • Posts

    17
  • Joined

  • Last visited

Everything posted by StotheR

  1. Indeed there was a policy that overwrote smtp settings. Fixed it. Thank you
  2. Hello everyone, recently I changed some policy settings of our default ESET Endpoint for Windows policy, that is assigned to all ESET clients on our hosted PROTECT server. To be specific I altered notification settings in terms of smtp server and smtp user and so on. Apparently the settings haven't been deployed. Yesterday I noticed coincidentally that a client sent a Mail with old smtp settings. After that I checked few other clients, all of them have old smtp settings. Do I have to deploy actively a policy after changes or am I missing something obvious? All checked clients are online and responded recently to ESET PROTECT and there is no other policy that overwrote my settings.
  3. Okay, thanks so far. How does it behave, if we deactivate a client and respectively its license on the ESET PROTECT on prem server when the client is already decommissioned at that time and will never connect to the ESET PROTECT server again? Should the license be freed than?
  4. Thank you for your answer. How does it work, when I add a customer license with dedicated ELA account to our central EBA account? Does the mail contact receive another mail to confirm the process?
  5. Thank you for your answers so far. I'm talking here about major version updates e.g. from 7.2 to 7.3 which require always a reboot as far as I know.
  6. Hi, many of our systems has to be online during daytime, so we do ESET updates at night. This is quite annoying because of late working hours. What are negative effects when we update an ESET client and plan the restart in the following night? Is ESET Antivir (Endpoint, File and Mail Security) still fully functional or is the system not secured by ESET until it's restarted? Regards
  7. Hi there, as IT service provider we administer the ESET licenses for our customers with hundreds of client licenses (Endpoint Antivirus/Security, File Security, Mail Security). Therefore we run an ESET PROTECT on prem server which contains all of the licenses. When a client was decommissioned, we removed it on ESET PROTECT while thinking that should be enough to free the relevant client license. Recently we noticed that client licenses are not freed through this process (anymore?). I came across ELA web interface and created accounts for some customer licenses. Looks like it's possible to free client licenses there. When I do that the client license/unit counter decrements in ELA but the change is not syncing to our ESET PROTEC server though. Besides ELA login page shows, that it's not fully supported an a legacy portal. So what is the correct way to manage ESET licenses and to free license seats? Regards
  8. Most of the source IPs differ. Every now and then one IP tries it multiple times. I also assume its some sort of brute force attack or a port scan. RAPs and CAPs are configured on the RDS Gateway. Only thing that made me wondering was that detections in ESMC weren't resolved and handled automatically and one had the possibility to resolve it manually. I just checked ESMC and since creation of my thread, detections of security vulnerability exploitation are handle and resolved automatically.
  9. Unfortunately the detailed view of that sort of message doesn't provide further information except that it says "not resolved"
  10. Edit 2: The system is behind a firewall and there is port forwarding configured for tcp port 443 for its intended use
  11. Hi there, on one of our customer Windows Server 2019 machines with File Security 7.2 installed, I see multple unresolved security vulnerability exploitations per day: What makes me bit nervous is, although the actions on these detections is "blocked" they don`t have the status "resolved". One can set resolved status manually. What does that mean? Do I have to worry about these messages? The machine is a Windows Remote Desktop Gateway in a RDS structure. Kind regards Edit: The underlying process name is "System"
  12. Hi, recently we got a new customer and and I wanted to install and update all eset installations on the customers clients and servers. I have problems to do so with one Windows Server 2008R2 virtual machine. There is/was Eset 4.x installed but it does not work properly. When I try to start its UI I get The Eset 4.x installation is not listed in "programs and features" but there are files and directoires under "C:\Program Files\ESET\ESET NOD32 Antivirus" and "C:\ProgramData\ESET\ESET NOD32 Antivirus". Nonetheless I was able to install our "Eset Remote Administrator Agent". Installing a Eset FileSecurity via Remote Administrator windows error log says When I try to install FileSecurity manually I get EsetUninstaller finds one AV product But I think that is the Eset Remote Administrator Agent and won t work. Does anyone have any idea how to solve this problem? Regards
  13. Thank you very much. Apparently one of my installation tries failed and left registry eintries. Deleting these solved my problem. Just wondering how it fails in first place because machine was a almost a clean install and I'm the first who did antivrus/eset install
  14. Here's the msiexec log with parameters /Limewaru! === Logging started: 24.03.2016 08:45:12 === Action 08:45:12: INSTALL. Action start 08:45:12: INSTALL. Action 08:45:12: WindowsFolder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Action start 08:45:12: WindowsFolder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Action ended 08:45:12: WindowsFolder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Return value 1. Action 08:45:12: System64Folder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Action start 08:45:12: System64Folder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Action ended 08:45:12: System64Folder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Return value 1. Action 08:45:12: FindRelatedProducts. Searching for related applications Action start 08:45:12: FindRelatedProducts. FindRelatedProducts: Found application: {A0E7525A-7F3D-407B-80DD-E992D2745203} Action ended 08:45:12: FindRelatedProducts. Return value 1. Action 08:45:12: SetP_UPGRADE. Action start 08:45:12: SetP_UPGRADE. Action ended 08:45:12: SetP_UPGRADE. Return value 1. Action 08:45:12: PrepareDlg. Action start 08:45:12: PrepareDlg. Info 2898. For WixUI_Font_Normal textstyle, the system created a 'Tahoma' font, in 0 character set, of 13 pixels height. Info 2898. For WixUI_Font_Bigger textstyle, the system created a 'Tahoma' font, in 0 character set, of 19 pixels height. DEBUG: Error 2826: Control BottomLine on dialog PrepareDlg extends beyond the boundaries of the dialog to the right by 3 pixels The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2826. The arguments are: PrepareDlg, BottomLine, to the right Action 08:45:12: PrepareDlg. Dialog created Action ended 08:45:12: PrepareDlg. Return value 1. Action 08:45:12: AppSearch. Searching for installed applications Action start 08:45:12: AppSearch. AppSearch: Property: P_INSTALLDIR, Signature: RegSearchInstallDir AppSearch: Property: P_APPLICATION_DATA_DIR, Signature: RegSearchProgramDataAppDir AppSearch: Property: P_PRODUCT_GUID, Signature: RegSearchProductGuid AppSearch: Property: P_LOCALE, Signature: RegSearchLocale Action ended 08:45:12: AppSearch. Return value 1. Action 08:45:12: WixQueryOsWellKnownSID. Action start 08:45:12: WixQueryOsWellKnownSID. Action ended 08:45:13: WixQueryOsWellKnownSID. Return value 1. Action 08:45:13: CA_CheckUserIsAdmin. Action start 08:45:13: CA_CheckUserIsAdmin. Action ended 08:45:13: CA_CheckUserIsAdmin. Return value 1. Action 08:45:13: SetP_BUILD_CONFIGURATION. Action start 08:45:13: SetP_BUILD_CONFIGURATION. Action ended 08:45:13: SetP_BUILD_CONFIGURATION. Return value 1. Action 08:45:13: LaunchConditions. Evaluating launch conditions Action start 08:45:13: LaunchConditions. Action ended 08:45:13: LaunchConditions. Return value 1. Action 08:45:13: SetARPNOMODIFY. Action start 08:45:13: SetARPNOMODIFY. Action ended 08:45:13: SetARPNOMODIFY. Return value 1. Action 08:45:13: SetP_CERT_AUTH_TEMP_PATH. Action start 08:45:13: SetP_CERT_AUTH_TEMP_PATH. Action ended 08:45:13: SetP_CERT_AUTH_TEMP_PATH. Return value 1. Action 08:45:13: SetP_CERT_TEMP_PATH. Action start 08:45:13: SetP_CERT_TEMP_PATH. Action ended 08:45:13: SetP_CERT_TEMP_PATH. Return value 1. Action 08:45:13: SetP_DB_CONNECTOR_NATIVESQLITE_PATH. Action start 08:45:13: SetP_DB_CONNECTOR_NATIVESQLITE_PATH. Action ended 08:45:13: SetP_DB_CONNECTOR_NATIVESQLITE_PATH. Return value 1. Action 08:45:13: SetP_DB_CONNECTORS_DIR. Action start 08:45:13: SetP_DB_CONNECTORS_DIR. Action ended 08:45:13: SetP_DB_CONNECTORS_DIR. Return value 1. Action 08:45:13: SetP_ERA_LIB_DIR. Action start 08:45:13: SetP_ERA_LIB_DIR. Action ended 08:45:13: SetP_ERA_LIB_DIR. Return value 1. Action 08:45:13: SetP_ERA_TEMP_DIR. Action start 08:45:13: SetP_ERA_TEMP_DIR. Action ended 08:45:13: SetP_ERA_TEMP_DIR. Return value 1. Action 08:45:13: SetP_HOSTNAME. Action start 08:45:13: SetP_HOSTNAME. Action ended 08:45:13: SetP_HOSTNAME. Return value 1. Action 08:45:13: SetP_MODULE_EM000_PATH. Action start 08:45:13: SetP_MODULE_EM000_PATH. Action ended 08:45:13: SetP_MODULE_EM000_PATH. Return value 1. Action 08:45:13: SetP_MODULE_EM039_PATH. Action start 08:45:13: SetP_MODULE_EM039_PATH. Action ended 08:45:13: SetP_MODULE_EM039_PATH. Return value 1. Action 08:45:13: SetP_MODULES_DIR. Action start 08:45:13: SetP_MODULES_DIR. Action ended 08:45:13: SetP_MODULES_DIR. Return value 1. Action 08:45:13: SetP_MSVCP_DLL_PATH. Action start 08:45:13: SetP_MSVCP_DLL_PATH. Action ended 08:45:13: SetP_MSVCP_DLL_PATH. Return value 1. Action 08:45:13: SetP_MSVCR_DLL_PATH. Action start 08:45:13: SetP_MSVCR_DLL_PATH. Action ended 08:45:13: SetP_MSVCR_DLL_PATH. Return value 1. Action 08:45:13: SetP_NETWORK_DLL_PATH. Action start 08:45:13: SetP_NETWORK_DLL_PATH. Action ended 08:45:13: SetP_NETWORK_DLL_PATH. Return value 1. Action 08:45:13: SetP_PORT. Action start 08:45:13: SetP_PORT. Action ended 08:45:13: SetP_PORT. Return value 1. Action 08:45:13: SetP_PRODUCT_NAME. Action start 08:45:13: SetP_PRODUCT_NAME. Action ended 08:45:13: SetP_PRODUCT_NAME. Return value 1. Action 08:45:13: SetP_PROTOBUF_DLL_PATH. Action start 08:45:13: SetP_PROTOBUF_DLL_PATH. Action ended 08:45:13: SetP_PROTOBUF_DLL_PATH. Return value 1. Action 08:45:13: SetP_SERVER_CERT_TEMP_PATH. Action start 08:45:13: SetP_SERVER_CERT_TEMP_PATH. Action ended 08:45:13: SetP_SERVER_CERT_TEMP_PATH. Return value 1. Action 08:45:13: SetP_SERVERAPI_DLL_PATH. Action start 08:45:13: SetP_SERVERAPI_DLL_PATH. Action ended 08:45:13: SetP_SERVERAPI_DLL_PATH. Return value 1. Action 08:45:13: ValidateProductID. Action start 08:45:13: ValidateProductID. Action ended 08:45:13: ValidateProductID. Return value 1. Action 08:45:13: CA_WindowsFolder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Action start 08:45:13: CA_WindowsFolder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Action ended 08:45:13: CA_WindowsFolder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Return value 1. Action 08:45:13: CA_System64Folder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Action start 08:45:13: CA_System64Folder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Action ended 08:45:13: CA_System64Folder_amd64_VC.585D293E_BFCC_3045_857D_FFD4B0225AB6. Return value 1. Action 08:45:13: CostInitialize. Computing space requirements Action start 08:45:13: CostInitialize. Action ended 08:45:13: CostInitialize. Return value 1. Action 08:45:13: FileCost. Computing space requirements Action start 08:45:13: FileCost. Action ended 08:45:13: FileCost. Return value 1. Action 08:45:13: CostFinalize. Computing space requirements Action start 08:45:13: CostFinalize. Action ended 08:45:13: CostFinalize. Return value 1. Action 08:45:13: SetP_DB_PATH. Action start 08:45:13: SetP_DB_PATH. Action ended 08:45:13: SetP_DB_PATH. Return value 1. Action 08:45:13: SetP_DB_SCRIPTS_DIR. Action start 08:45:13: SetP_DB_SCRIPTS_DIR. Action ended 08:45:13: SetP_DB_SCRIPTS_DIR. Return value 1. Action 08:45:13: SetP_DEFAULT_PROGRAM_APP_DIR. Action start 08:45:13: SetP_DEFAULT_PROGRAM_APP_DIR. Action ended 08:45:13: SetP_DEFAULT_PROGRAM_APP_DIR. Return value 1. Action 08:45:13: SetP_MSI_BACKUP_FOLDER. Action start 08:45:13: SetP_MSI_BACKUP_FOLDER. Action ended 08:45:13: SetP_MSI_BACKUP_FOLDER. Return value 1. Action 08:45:13: CA_ExtractMsiFiles. Extracting files from MSI Action start 08:45:13: CA_ExtractMsiFiles. Action ended 08:45:16: CA_ExtractMsiFiles. Return value 1. Action 08:45:16: CA_LoadInstalledData. Loading installed data Action start 08:45:16: CA_LoadInstalledData. Action ended 08:45:16: CA_LoadInstalledData. Return value 1. Action 08:45:16: CA_LogPropertiesValues. Logging installation properties Action start 08:45:16: CA_LogPropertiesValues. Action ended 08:45:16: CA_LogPropertiesValues. Return value 1. Action 08:45:16: SETversion.NEW. Action start 08:45:16: SETversion.NEW. Action ended 08:45:16: SETversion.NEW. Return value 1. Action 08:45:16: SETversion.UPGRADE. Action start 08:45:16: SETversion.UPGRADE. Action ended 08:45:16: SETversion.UPGRADE. Return value 1. Action 08:45:16: MigrateFeatureStates. Migrating feature states from related applications Action start 08:45:16: MigrateFeatureStates. Action ended 08:45:16: MigrateFeatureStates. Return value 1. Action 08:45:16: WelcomeDlg. Action start 08:45:16: WelcomeDlg. DEBUG: Error 2826: Control BottomLine on dialog WelcomeDlg extends beyond the boundaries of the dialog to the right by 3 pixels The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2826. The arguments are: WelcomeDlg, BottomLine, to the right Action 08:45:16: WelcomeDlg. Dialog created Info 2898. For WixUI_Font_Title textstyle, the system created a 'Tahoma' font, in 0 character set, of 14 pixels height. DEBUG: Error 2826: Control BottomLine on dialog LicenseAgreementDialogModified extends beyond the boundaries of the dialog to the right by 3 pixels The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2826. The arguments are: LicenseAgreementDialogModified, BottomLine, to the right DEBUG: Error 2826: Control BannerLine on dialog LicenseAgreementDialogModified extends beyond the boundaries of the dialog to the right by 3 pixels The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2826. The arguments are: LicenseAgreementDialogModified, BannerLine, to the right Action 08:45:19: LicenseAgreementDialogModified. Dialog created Action 08:45:22: CA_DbCheckConnection. Action start 08:45:22: CA_DbCheckConnection. Action ended 08:45:22: CA_DbCheckConnection. Return value 1. Action 08:45:22: BadUserInputDlg. Dialog created Action 08:45:25: CancelDlg. Dialog created Action 08:45:26: CA_RemoveDirectoriesAfterCancel. Action start 08:45:26: CA_RemoveDirectoriesAfterCancel. Action ended 08:45:26: CA_RemoveDirectoriesAfterCancel. Return value 1. Action ended 08:45:26: WelcomeDlg. Return value 2. Action 08:45:26: UserExit. Action start 08:45:26: UserExit. DEBUG: Error 2826: Control BottomLine on dialog UserExit extends beyond the boundaries of the dialog to the right by 3 pixels The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2826. The arguments are: UserExit, BottomLine, to the right Action 08:45:26: UserExit. Dialog created Action ended 08:45:28: UserExit. Return value 2. Action ended 08:45:28: INSTALL. Return value 2. === Logging stopped: 24.03.2016 08:45:28 === MSI (c) (78:7C) [08:45:28:471]: Product: ESET Remote Administrator Agent -- Installation failed. MSI (c) (78:7C) [08:45:28:481]: Windows Installer installed the product. Product Name: ESET Remote Administrator Agent. Product Version: 6.3.136.0. Product Language: 1033. Manufacturer: ESET, spol. s r.o.. Installation success or error status: 1602. I also came across ESET Uninstaller, that has not solved the problem. Directory c:\ProgramData\ESET does not exist, neither before I tried to install nor after. For one client I am absolutely sure, that there was and is no older version of the client installed
  15. Hi, have the same problem with two clients at two different customers. Both computers have nothing in common. Different hardware components, different windows versions (7 and 10), different networks. ERA install via .bat file does not work too. Installation process looks normal but at the end there is no remote agend installed, no service running, no directory in program files, nothing. I guess there is some sort of similiar error message, that only shows up for a short moment.
  16. Hi, we're using ERA6 to deployEset antivirus on our customers clients. We use a task to install antivirus. Newly installed clients though run through a lot of restarts due to software installation or windows updates. If a machine restarts while the task is running the task fails and will never be executed again. One has to create manually a new task for antivirus installation. Is there any option to repeat a task periodically in a certain time interval or for a given number of retries until it succeeds or even better is there any conditional task execution option like "run install task if antivirus is not installed yet"?? regards
×
×
  • Create New...