[ESET Uninstaller]

We use SCCM. So it installs using MSIEXEC running as SYSTEM. We have roughly 700 applications in SCCM and can confirm that ESET is the one giving us the most trouble. Unfortunately that's not just how Windows Installer is supposed to work. 

We did work with ESET premium support but with little success hence our decision to change product. 

[ESET Uninstaller]

It's a recurring problem that has never been resolved despite hours spent with ESET premium support. We are moving away from ESET because it's not worth the effort anymore. 

[ESET Uninstaller]

This command works if you don't attempt to upgrade first. Once we attempt to upgrade and it fails the only option we have is to use the Uninstaller Tool. Sounds like we'll have to script the removal, restart and then installation of the latest build just to upgrade. 

That's not just an isolated case, we can repro on a newly imaged machine upgrading from ESET Endpoint Antivirus 8.0 to 8.1. 

[ESET Uninstaller]

Unfortunately for us last resort is hundreds of machines that refuses to either uninstall or upgrade to a newer build. 

[ESET Uninstaller]

Hi, 

Has anyone been able to programmatically run the ESET uninstaller tool? We have a large amount of computers and since that tool needs to run in safe mode it is quite a challenge to automate. 

Thank you 

[ESET Endpoint Antivirus EOL]

Hi, 

According to https://support.eset.com/en/kb3592-is-my-eset-product-supported-eset-end-of-life-policy-business-products 7.3.2044.0 is supported until December 2022. I don't see anything about 7.3.2041.0 in that page. Will it also be supported until December 2022? If not when will it stop receiving updates and support? 

Thank you

[Process exclusion]

Thank you for the fast response

[Process exclusion]

Hi, 

I see Endpoint Antivirus now supports process exclusions. Could someone confirm if child-processes also get excluded from realtime scanning if the parent process is excluded? 

Thank you,

[Azure Market Place ERA template]

The virtual appliance runs on Linux if I'm not mistaken. I was hoping to set this up on a Windows Server. 

Not a big deal, I'll just manually build a Windows Server 2019 in Azure and install ESMC 7.

[Azure Market Place ERA template]

This template still has Windows Server 2012R2 Datacenter edition and ERA 6. Are there plans to update it?

https://azuremarketplace.microsoft.com/en-us/marketplace/apps/eset.eset-remote-administrator?tab=Overview

[Apache HTTP Proxy issues]

I get ~1 a minute. Maybe it's not directly caused by it but we can't activate ESET through the Apache HTTP Proxy. We need to bypass it for activation to work so there's definitely something wrong with it.

I'll contact support.

Thanks for your feedback

[Apache HTTP Proxy issues]

Hi, 

I just upgraded to V7 from ERA 6.5 using the Component Upgrade task. I used the V7 AIO installer to upgrade Apache HTTP Proxy as well. 

I get these errors all the time in "C:\Program Files\Apache HTTP Proxy\logs\error.log"

Quote

[Mon Feb 04 16:58:45.932716 2019] [ssl:warn] [pid 7308:tid 452] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]

Shouldn't there be httpd-ssl.conf in "C:\Program Files\Apache HTTP Proxy\conf" ?? It's not present for us at least.

I had issues with client activation and decided to disable proxy in the client to use your public servers. It appears to have fixed the issue so the proxy config has some issues for sure.

[ESET Server Certificate]

Yes we are ok here, just wanted to share this in case someone had the same problem as we had to spend some time on this problem. 

On the same note, even just by accessing https://edfpcs.trafficmanager.net in Chrome will prompt a security warning which is sub-optimal to say the least. 

I known it's not meant to be accessed directly but it could probably be improved.

You can consider this as resolved for us. 

Thanks for looking into it,

[ESET Server Certificate]

Hi Peter, 

We had issues activating ESET Endpoint Antivirus and after monitoring ESET and our web proxy logs we found out https://edfpcs.trafficmanager.net/ was getting blocked due to certificate mismatch. 

So our web proxy blocks it before the balancer can do its job. 

Not a big deal because we manually whitelisted it but I feel like we'd have a lot more issues than just ESET activation servers if our web proxy didn't support DNS balancers.

[ESET Server Certificate]

Hi, why is https://edfpcs.trafficmanager.net signed with a certificate that is issued to https://edf.eset.com ? 

Should at least add a SAN for it. 

Our web proxy is blocking it because there's a certificate mismatch. 

 

[ESET Endpoint Security 7 BETA signup]

Please sign me up. Can we expect the final version to come out this summer? 

[Activation through proxy]

Hi, 

I'm experiencing issue activating a client that connects through the ESET Apache HTTP Proxy. Definition updates download just fine once the product is activated but for some reason the only way I can activate is if I disable the proxy in the ESET Endpoint Antivirus client. 

• ESET Endpoint Antivirus 6.6.2072.2
• Policy set to use proxy and fallback to direct connection when proxy not available
• Managed by ERA 6.5
• Default httpd.conf (unchanged from the ERA 6.5 installer)
• Pointed my browser to the Apache HTTP Proxy and went to https://edf.eset.com/edf successfully
• Confirmed on our corporate web proxy that no web traffic is being blocked 

Worth noting that this started with version of ESET Endpoint Antivirus 6.6 as I didn't experience this issue with 6.5 and older.

Thanks, 

[Heads Up - Major Problems with 6.6]

Logs were lost here also. After failing to upgrade ESET I rebooted and Windows 10 1703 wouldn't boot anymore.

Couldn't even get into safe mode. 

Tried to resolve it with ESET Premium Support (#69797) but nothing worked so I had to reinstall the OS. 

[Heads Up - Major Problems with 6.6]

Just updated from Endpoint Antivirus 6.6.2046.0 to 6.6.2052.0 and it failed with return code 1603.

It didn't rollback anything so I'm left without AV. I'll try the uninstaller tool...

[6.6 Application Statuses]

Same here. 

I've been told by ESET support that ERA 7 is coming out and it should support all the 6.6 configurations out of the box.

Also been suggested to locally configure a client, click on request configuration from ERA and then create a new policy with the imported configuration. I didn't try that as I'll just be sticking to 6.5 until there's a proper solution.

[6.6 Application Statuses]

Fyi, I now have the latest configuration module but I still can't disable these two statuses from ERA. 

ESET Support Case 69797 has been opened. No ETA yet...

[6.6 Application Statuses]

Thanks Marcos, I'd rather wait a bit as I found this in the documentation. Do you have an ETA for the new configuration module to make it into the regular release?

We do not recommend that you select Pre-release updates for production systems as this is a risk.

[6.6 Application Statuses]

Thanks for the advice, I'll keep that in mind but it will take time for us to evaluate the feature and roll it out to all of our endpoints.

So with that said, how can I disable these two alerts like I used to be able with previous builds?

[6.6 Application Statuses]

We have other products in place for that.

[6.6 Application Statuses]

Using Endpoint Antivirus 6.6.2046.0 with ERA 6.5.522.0.

We disable Protocol Filtering by policy so we also disable the application statuses that relate to it. Just after upgrading to 6.6.2046.0 from 6.5 I started having warnings about it again.

After checking I see that Endpoint Antivirus 6.6.2046.0 added two new application protocol filtering statuses that can't be changed by policy yet. Please see screenshot comparing the options I have from the server vs what I have locally. I assume we'll need to wait for ERA 6.6 to fully support Endpoint Antivirus 6.6.2046.0?

As a side note, I suggest that when you disable a functionality by policy the client should automatically stop sending alerts about it.