russell_t

Picked one of the systems with the error, the system seemed protected while showing the warning. Performed only a reboot of a system showing that error without doing a rollback or any other changes, and when it came up it was green and said protected but on the update tab show all modules detail window it was blank. Could tell it wasn't scanning files, was able to download Eicar and a common blocked PUP utility without issue and scan them manually without them being flagged as well. This was fixed with a 24h rollback. I can't say that would be the case on your systems but would recommend either further testing (like a reboot) or the rollback, though if they are not rebooted and a new module is released and it updates, this should also be OK.

just going to update my post that we found a reboot on a system affected with this error/bad module would then be unprotected, so I would recommend deploying a module rollback task for 12 or 24 hours, depending on your availability to check on things after the rollback expires to give ESET time to fix the modules on their end. Thanks to ESET support for going through all this over the phone with me and gathering some additional data!

About 50 Windows Server 2012 R2 affected, also have two Windows 8.1 Desktops with Eset Endpoint Antivirus (one on an older 7.x build) that also have the same error. I have tested a module rollback on one server, and it seems to initialize just fine on the older modules. I'm not entirely sure it's 100% non-functional as it still blocks an eicar on both the rollback and non-rollback server but I'd like to know when a new module is available to force an update and know if we need to reboot all the servers tonight to clear the errors or if it'll clear all the red in the console without that Edit: Also support hasn't picked up the call for almost an hour now, would be nice if they had a way to update the voice IVRs to let people know it's a known issue rather than park what's likely hundreds of calls on hold.

Am also seeing this across every Server 2012 R2 ESET Server security install, been on hold for USA Business support for 10 minutes trying to check with them about this. I don't think I've seen it on newer server versions but as far as I'm aware 2012R2 should still be supported by ESET for another year?

Is anyone else starting to have issues after the latest 2210 build of Outlook or across multiple 7-9.x ESET versions where Outlook will just stop updating the Inbox and it seems to be that even disabling the ESET Outlook plugin it is still stuck? We are removing the OST file from the client and letting it rebuild/resync and that seems to fix it but it seems to be a recent new issue with either MS or ESET and I'm not seeing many other people report this so wondering if it is some ESET conflict...

I also received this response from samples@eset.sk: Thank you for your submission. It was a false positive of our scanner and this issue is fixed in current version of detection engine. Regards, ESET Malware Response Team

I'm also just now seeing this on the same APP_Web_%random%.dll files on multiple Exchange 2016 servers that have no open HTTPS to the internet and the file date from months and months ago... Also briefly checked the strings of the file and I don't see anything obvious or any other drops in the same folder as would be expected. I've reported the file to samples@eset.com as a possible False Positive but it would be great to have someone from Support confirm this issue. Thanks

Confirmed, working now in California, USA as well. My guess is someone mucked up whatever updates valid license files on the update servers or a partial file was synced up or something like that. Might be hard to catch that type of thing internally but hopefully it won't happen again... Thanks everyone

I have also sent license details and ESET Log Collector log in private message but need to sleep now will check back in morning.

Thanks makes me feel better that it's not just me while I delete the hundreds of emails I've also filled out an online support form here ESET North America Support » Business & Enterprise (Server Product) Support » Modules update error or other error message https://www.eset.com/us/support/contact/ Just to see if that helps get it solved faster.

Just getting flooded here with what seems to be every single ESET File Security server complaining about "Update authorization failed. Please check if your license is valid." Checked and license usage is less than the total as well, is there something wrong with the Update server or should we contact support about the licensing issue? Thanks

Cool I'll boot it back up and update now, this was a pretty bad one since it borked out Exchange... I can kind of see how it could be missed as without triggering the recompile of the OWA dlls it could be hard to catch in automation but it would be appreciated if that's figured out before the next panic attack.

Thanks for posting this here as well, came here first and didn't see a peep, can also confirm this is happening on multiple Exchange 2010 servers. Thanks for the spiceworks link!

Working again for me as well. I know this has happened in the past once or twice as well but usually it came back quicker. Is there any suggested remediation when/if this occurs again? Are you changing the DNS entry of the repo server so we should flush DNS caches or is it some other internal issue where we can't do anything that would help?

Yup, exactly the same scenario I'm experiencing as well, on 6.5.522 and with the Us repository settings...

Hi, I am also seeing this on about 35 clients on 5.0.2237 Doesn't sound like updating will fix this? Can you also PM me instructions? Thanks, Russell

We have 40 configs because we have different email reporting settings and scheduled scan settings based on each regional group (CA, NV, UT, etc) It's actually rather easy right now, we just copy the XML config, find and replace things in it and save it as the new config, then save as in manage packages, give it the new name and pick the xml config, then export the EXE and rename it. The problem is that we need to email out the exe installer to these end users and just have them double click it, and have it go into the right group. We have no idea what they have named their BYOB computers, so it's hard to just put them in the right group after the fact. It is administrative hell but it was really easy in ERA 5 and before, which is why we chose ESET in the first place. The parameters for dynamic groups aren't able to do this, so we would end up with everyone in one group with one config and have to manually move them after confirming computer names. We don't like the HTTP Proxy for security reasons, we aren't allowed to run a proxy server open to the world. So it's good to hear that the mirror is coming back. The install with custom configuration is highly necessary as well so hopefully that will be added back. I think we'll just have to wait it out. I've spun up another VM to run ERA 6 just to keep playing with it on a few computers and make sure the client is stable and still performs well.

Ok, so lets see if anyone has any ideas about how I can do this better... I use ESET RA 5 right now with 400 clients. I use Mirror for updates, and I use IIS to serve those updates (virtual directory/password control etc) since the ERA HTTP server has always been slow and buggy. I have about 40 different XML config files, that I export installers for from RA 5 to the single EXE, then distribute and script/deploy for install. None of the systems are on domain or even attached to each other so push from RA has never been an option. I need to maintain everything including the separate client installs, and the single file installs. This was easy with the manage packages and export to logon script method. I need to migrate individual user by individual user, AKA I can't just rip all V5 out over a weekend and have V6 running the next day. It will take at least a week or two to move through all the users and make sure they all upgrade, so I need to keep updates working for V5 during this period. Also, I've been reading about lots of slowdowns and other complaints about V6... I just went through all the licensing mess, and if that was the only major change I'd be fine with it... So I really can't see how I can achieve this upgrade until the following are complete: 1. Way to maintain and deploy agent and endpoint together as a small! EXE installer with unique XML config per group. This should seamlessly upgrade over an EEA v5 with a password as long as the new password is the same. I need to do this in one step and not have to find the computer name and move it to a group later. 2. Way to have the ERA server download mirror updates to a folder so I can preserve IIS hosting updates and keep EEA v4/v5 clients updating at least during the install. I'm NOT using the EFSW client to do this, and it would be nice to have options for signature update release based on the group (rapid/normal etc) So far this is a huge step backwards and I'm not even getting into how poor the new UI design is. I think I'm going to have to spin up another VM just to run ERA 6 in transition, but I'm not looking forward to dealing with these issues. Any ideas on how to get around this, or should I just wait for ERA 7?