Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by tomha

  1. Problem solved - I once again removed the Agent, rebooted and reinstalled the agent, after some minutes both agents connected to the Server. Status.html did not show any error (all green but no last replication). The trace. log showed the error i pasted in my initial posting.
  2. Two clients stopped connecting to the ESMC Server after upgrading the Agent to V7. I tried to remove the Agent and reinstall but unfortunately there see,s to be no way to get the clients to connect. There is a suspicious entry in the trace.log: 2018-09-01 08:31:03 Information: Kernel [Thread 880]: Initializing module ERAG1ClientConnector 2018-09-01 08:31:03 Information: ERAG1ClientConnector [Thread 880]: <CONNECTOR_MODULE> exception class Era::Connectors::G1ClientConnector::no_installed_product occurred at ProductOfflineConfiguration\WindowsProducts.cpp:56. Product not i
  3. sorry Marcos, i failed: Component Upgrade Task now works to upgrade Clients agents from 6.5 to 7.0 Congrats to eset for the very fast correction of this issue.
  4. I can confirm, that "ESMC component upgrade task" now, was successful to upgrade a clients Agent from 6.5 to 7.0
  5. @ Marcos: ru sure: "Agent can be upgraded by sending an ESMC component upgrade task to clients. "?? This didn't work on any client at our site. We had to create a "run command" Task to download and upgrade the agents at client side.
  6. @Marveltec: Please specify why a "run command" task mentioned in https://support.eset.com/KB6819/ "III. Agent upgrade using Run Command Client task" does not work.
  7. Yes i already upgraded the agents using "run command" tasks, Just wondering what the ESMC component upgrade task is for?
  8. Steven, i can confirm, that the Eset Plugin for Automate seems to be broken. We also cannot create or edit ERA Policies because the policy editor shows a blank screen. We are on ESMC 7.0.553.0 , Automate 12 Patch 8, Eset Plugin The ERA Plugin logs do not show any relevant entries. We do not use the Automate Plugin often, because we manage our clients via ERA/ESMC, so i cannot tell when it got broken. Regards Thomas
  9. I did an upgrade of my ERA Server to ESMC7 which went flawless. After upgrading i tried to upgrade the agent of the Server itself and a clients agent to V7 using a ESMC Component upgrade Task. The task finished successful but the agent version stayed at 6.5.522.0. A manual execution of the agent installer msi at the server itself installed the V7 Agent. So does anyone know, how to get the ESMC upgrade task working on Client side to upgrade the agents, since updating the agents manually is no option?
  10. The Eset Support Team seems to have fond a glitch with parsing of lnk files. I was told, this problem will be solved by a module update.
  11. @ Peter Thanks for your reply. I ran Procmon while doing a startupscan and it seems ekrn.exe tries to access all entries of the systems path variable wit some "\..\" added and then the "C:\Windows\syswow64\reserver30\" added. - Screenshot attached. No clue why ekrn.exe does this, where it gets the path from and why it seems to find a file under this strange path. As you suggested i opened a ticket at the local Eset support and provided the logs. Regards, Thomas
  12. We´re running Eset FileSecurity for Windows Server 6.5.12010.0 on a SBS 2011 (technically Server2008R2). Our customer is using a software called Remote Administrator 3 to gain remoteaccess to the server. This software is reported as potential unsafe application by eset products, which we were aware of and set up the necessary exclusions. The executable "rserver3.exe" ist installed under "C:\Windows\Syswow64\rserver30\" and the path and the executable are excluded. This exclusions were working without problems for long time, but suddenly we got messages about rserver3.exe as potentially un
  13. Similar problem here. I tried an upgrade task from EAV 6.5 to 6.6 via ERA on a Win10Pro(1703) machine. The task failed several times with error 1921. Then i tried to do the upgrade manually, which failed due to eset service could not be stopped. After the manual installation EAV 6.5 was crippled(not showing up in APPS and Features anymore, left over in the context menu, eset service running, no GUI). I did a manual uninstall of EAV with the uninstall tool in SafeMode. After that i could install EAV 6.6 via ERA. Strange!
  14. When a policy with exclusions(File system paths not to be scanned by the eset security product) is distributed to the clients, with actual ERA/Endpoint Versions it is not possible to use(merge) more than on policiy. We need to create exclusion policies for different computers and software configurations and merge them at client side. For Example: Policy 1 for Server 2008 Policy 2 for Server 2012 Policy 3 for Software ABC Policy 4 for Software DEF now we can combine policy one and 3 for a Server 2008 with Software ABC installed and policy 2 and 3 for a server 2012 running softwa
  15. Many thanks for this information.
  16. When willl we be able to merge exclusion policies on Eset Business products via ERA? When willl we be able to set local exclusion beside the exclusions applied via policy? If anyone knows about a release date for this functionality, please let us know. Thanks in advance
  17. I would like to confirm this behaviour. We never put this in relation with Eset security solutions but we can confirm seeing the black screen with mouse cursor only for minutes after logging of from Win 10. The black screen after logoff appeared by random(approx 1 of 5 Loggoffs) on 20 PCs on 4 different Networks of our customers. We never thought it´s related to eset software installed, we thought it´s a win 10 bug. Because this problem was evident when setting up the PCs and was never seen in daily use(Power-On - Logon - Power off) we didn´t investigate further. After reading your p
  18. Some of our customers have software installed which is using a postgres database. The software is installed in one single folder. This folder is named by the software vendor and is located in different places at different systems. The foldername and location can be chosen while installing the software. There is a subfolder called "postgresSQL" with another subfolder named like the postgres Version(in our case "8.4"). This folder seems to contain the postgres executable and the data. We set an exclusion for the main folder of the software installation with subdirs(PostgresSQL...) excluded, to
  19. Same problem here! This behavior should get changed in further releases of Eset Endpoint, Server and ERA products. Sometimes it´s necessary to set a single exclusion on a single client. It would be better to do this on client side, instead of creating a policy for each single exclusion. In fact that policies with exclusions do not get merged on client side, in my opinion, the whole ERA policy design is not optimal to set granular exclusions on different clients. We are managing 17 client locations with one ERA Server and urgently need the functionality to merge different policies containin
  20. The ability to assign multiple policies with different exclusions to a client is urgently needed. We need to define a exclusion policy for the server OS, then another with exclusions for installed software. And because there is no possibility to set local exclusions on the client, we need to create another policy to exclude programs installed at one client only. The fact that we have to create a policy with all exclusions for each Server makes dynamic groups useless.
  21. @Luminai: Are you using a passphrase for the certificate? if yes does it include special characters? I had problems installing the Agent vie the EraAgentInstaller.bat when the certificate had a passphrase with special characters set. Is there any log on client side?
  22. The file is part of an old version of Intel Active System Console. It has been there for years and never has been detected by FileSecurity 4.5. Here is the excerpt of the Log: <?xml version="1.0" encoding="utf-8" ?> <ESET> <LOG> <RECORD> <COLUMN NAME="Zeit">07.12.2015 19:23:06</COLUMN> <COLUMN NAME="Prüfung">Echtzeit-Dateischutz</COLUMN> <COLUMN NAME="Objekttyp">Datei</COLUMN> <COLUMN NAME="Objekt">C:\Program Files (x86)\Intel\ASC\bin\PROCESS.EXE</COLUMN> <COLUMN NAME="Bedrohun
  23. Eset FileSecurity V6.2.1.2007.1 detects a suspicious file. When asked for action on this file, i select to ignore this file and select no action. But the file is shown as potentially unsafe again and the checkbox to ignore the file is unchecked again. How to exclude a potential unsafe file when it is a false alarm?
  24. Thanks for your Reply. The client i wanted to install FileSecurity is not in the same network or domain as the ERA Server. I tried to install FS via WAN. So the Agent should start the download of the FS installer file and start the installation after downloading. Since the http download is initiated by the agent their should not exist any blocking from the firewall. The Agent got the installation Task from the ERA Server but did not seem to download the FileSecurity.msi. After speaking with local Eset support the culprit was agent service running under Local System account. After changing
  25. I tried to initiate a remote install of FileSecurity 6 using ERA 6. The Client(Server 2012 R2) is communicating with the ERA Server without any problems. When i try to push FileSecurity 6 to the client the task fails. The error message is:Task error - Try to install the software manually ( I translated from German) On the clients the trace log the error is: Software installation failed: GetFile: Error reading HTTP response (0x4e2a) Any Hints?
  • Create New...