Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by j-gray

  1. I've opened a case with support (312404) to see what we can do to resolve this issue.
  2. Is there a recommended solution for this issue?
  3. Thanks for the reply. That command returns the hostname only. How do we get the client to properly report FQDN? The problem is that this creates two objects when using AD sync: one object with FQDN and the same object with hostname only. The object with hostname only then gets dumped into Lost & Found. The rename task used to work in the past. We have too many clients to rename every duplicate manually. Is there a workaround?
  4. This task has been configured to run on the 'Lost and Found' container for quite a while and has been working. The task still runs successfully, but we have 60+ Mac's that are not updating their FQDN. The show as hostname only. They reply/resolve on the network with their FQDN. They are in DNS and DHCP with their correct FQDN. Why does ESMC not show their correct FQDN and what can I do to resolve this issue?
  5. @Marcos Yes, PUA's have been cleaned properly on the problematic systems. Thank you!!
  6. @Marcos @MichalJ Where may I upload log files? I'd prefer not to post in the forum. Thank you.
  7. @MichalJ The PUPs flagged as critical are JS/Mindspark.G, JS/Spigot.B, JS/Visicom.A, OSX/Mackeeper.DL, and on Windows, Win32/AirAdInstaller.A, JS/Visicom.A, JS/Spigot.B. Both Real-time and On-demand set for strict cleaning have been unable to clean. This a recent occurrence where nothing from PUPs to trojans and other malware are not getting successfully cleaned with 'strict cleaning' enabled, causing a high count of active threats. OS X is a mix of 10.12.6 and 10.13.6 running ESET version 6.7.654.0 Windows is a mix of 7 and 10 running ESET version 7.0.2100.4 and 7.1.2045.5
  8. Yes, I should have clarified. On the Windows clients I see this for items typically flagged as Trojans. It's odd to me that a Trojan gets flagged with severity 'Warning', where a PUP gets flagged with severity 'Critical'. This seems backwards. I also don't understand why those that get flagged with 'Critical' and 'Active Threats' show up in the console with a green check mark indicating healthy status. See below:
  9. On OS X clients, lately I've been seeing a lot of unhandled PUP's with little information to go on. This is the result of Full scan with cleaning: Policies are set for 'Strict Cleaning' on both real-time and on-demand scans. I'd like to understand what's (not) happening here. I'm seeing similar on Windows clients, though it typically says, "action selection postponed until scan completion" but never takes any action even after the scan completes.
  10. I've found similar instances and attribute it to some form of agent corruption. I haven't found an easy way to repair the agent, but the majority of the time, simply uninstalling and reinstalling the agent resolves the issue. Not what I would consider a "fix", but does get things working again.
  11. Can you please clarify the implications of this: "ESET Endpoint Antivirus is notarized by Apple and recognized by Gatekeeper" Does this mean that ESET kernel extensions will no longer be blocked by Mac OS?
  12. Can you please clarify if 7.1 client is fully compatible with 7.0 ESMC? Is this what "Added: ESMC 7.0 compatibility" means? Thank you.
  13. I updated the client to 7.0.2091 and rebooted last night. Today I attempted to run the log collector again. Still get the same timeout error. Any suggestions how to troubleshoot log collector failures? Does the log collector create its own logs somewhere?
  14. @Marcos I've attempted to get the logs over several days, but each time I get the following: "Failed to start application | Log collector command timed out and was terminated" Didn't find any details why it's failing. Other tasks appear to be running without issue. Any suggestions how to troubleshoot this?
  15. I have a Windows workstation (latest agent, AV = 7.0.2091.0). It has been scanned three times over two days. Each scan reports the same: 'Critical': 48 infected, 0 cleaned. When I go to the linked client details, it shows only 2 warnings for PUP's in the Threats/Quarantine section. In the ERA console view, the workstation shows with a green check showing status 'OK', but also reflects the two active threats. The 'High severity scans in last 30 days' reflects the three scans each showing 48 infections. I haven't yet found a report or view that details what items are infected. My questions are: Where can I look to see what items are infected and/or why they were not handled? If the system is infected, why is not flagged as such? It shows status 'OK' and only reflects the two PUP warnings. Nothing else in the client view indicates any infections or issues otherwise. Thank you.
  16. FWIW, I get the same error on the latest version of Apache HTTP Proxy each time the service starts, though it does not appear to be causing any issues.
  17. Thanks for the clarification. That makes sense!
  18. I am no doubt missing the obvious, but... I'd like to create a task to upgrade older agents to the latest version and have it available to run at will and/or assign to a dynamic group. However, I've run into the following hurdles: Server Task for 'Agent Deployment' requires that Target is specified. For Target, it will not allow me to assign to a Dynamic Group, nor will it allow selection of any clients within a Dynamic Group (the option/checkbox is grayed out). Available filter options for Target do not include options for Agent version or other method to target clients needing agent update. Column for Agent version in the 'Select Target' window are not present, so cannot sort by version to find older. How can I target clients with old agents, without having to manually select them and create an upgrade task each time, given the above?
  19. On Mojave OS X clients, we're seeing the following alert: "macOS is preventing ESET Security Product from accessing some folders" This is on the latest Antivirus 6.7.600.0 and Agent 7.0.432.0 Search did not turn up any clues. Is there any info available indicating what is causing this and how to resolve? TIA
  20. Thanks for the info. I have a ticket open with support for this but haven't gotten any updates or confirmation this is a bug. Do you have any info as to when a fix might be released? TIA
  21. You will need an RD Sensor on each and every subnet. Is this the case in your environment?
  22. @Matus Are you saying the splash-screen issue is known? I have a case open (#216348) and support has advised that this is not a known issue.
  23. It appears that sub-groups are not respecting the parent group filter. I have parent group filter by OS, therefore, sub-groups do not specify OS in the expression. While it appears correctly in the console (e.g. only Macs are in the Mac group), because OS is not specified in any sub-group, sub-groups are applied to all clients.
  24. @Marcos Groups are displayed on the left with client info in the main pane:
  25. I have two separate dynamic groups to contain different operating systems; one for Windows and one for OS X based on the following two templates, respectively: OS edition . OS type = (equal) Microsoft Windows OS edition . OS type = (equal) Mac OS When I look in the console, as expected I see only Windows workstations/servers in the Windows group and only OS X devices in the Mac container. Yet, when I look at computer details of any client, it shows it being a member of both dynamic groups. Any idea what is causing this?
  • Create New...