Jump to content

Windows 10 1703 (Creators Update) wrongly reports ESET EAV 6.5.2107 as out of date.


fxcd
 Share

Recommended Posts

On all computers in our company running Windows 10 Enterprise 1703 (Creators Update, Build 15063), Windows constantly reports that ESET Endpoint Antivirus (version 6.5.2107.0) is out of date (in the Action Center, as well as under "Control Panel\System and Security\Security and Maintenance"). However the ESET EAV GUI itself claims that the virus signature database is up to date.

FYI: we test-installed the current BETA EAV 6.6.2031.0, where the problem appears to be fixed. However, we cannot deploy a BETA version to production systems, especially as it is not fully configurable via the current ERA release. Is there any chance there will be a hotfix for this bug in 6.5 before 6.6 is released?

I noticed this problem has been mentioned as part of another thread in
https://forum.eset.com/topic/12132-eset-endpoint-security-65-cant-install-on-windows-10-with-creators-update/?do=findComment&comment=62014

However I am opening a new topic for this, as it appears to me to be an unrelated issue to the "can't install" problem.

 

Link to comment
Share on other sites

  • ESET Staff

Hello, I would like to recommend to you to open a ticket with the official ESET Support. I have asked our internal QA teams to attempt to replicate the issues, but without success, so it might be related to specifics with your environment. 

Can you at least send us exported configuration of your Endpoint client, and check if the system time is correctly set. 

Link to comment
Share on other sites

The system time for all our endpoints is correct. Time is synchronized within our Windows Domain.

Note that the problem only affects endpoints running Windows 10 1703. Endpoints running Windows 10 Enterprise 2015 LTSB, Windows 8.1 or Windows 7 are not affected by the issue.

I will open a ticket with the official support and send in an exported configuration.

Link to comment
Share on other sites

i also have this problem, on many machines (including new ones) the security center says eset is not up to date, eset itself says it's updated

Link to comment
Share on other sites

  • ESET Staff

Hello, was it an upgrade from previous version or a fresh install? Does the problem persist after uninstall, reboot and reinstall? 

Link to comment
Share on other sites

  • ESET Staff

One of the suggestions to try:
- temporarily disable Self-defense
- restart the computer
- run Regedit and delete the value HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info\WscState

- re-enable Self-defense

- restart the computer.

 

Looking forward to hearing about the result.

  0
Link to comment
Share on other sites

Hi,

Most of the machines were upgraded from version EAV 6.5.2094 (where the problem already existed). At least one got the current version 6.5.2107 right from the beginning. The problem persists after uninstall, reboot and reinstall.

I need a little more info to try your suggestion: Where do I find "disable Self-defense" in ESET Endpoint Antivirus? Is it equivalent to right-clicking the ESET icon in the systray and selecting "Pause protection"? (When I do that, both HIPS and Anti-Stealth protection stay enabled. Is that OK or do I need to disable them, too?)

Link to comment
Share on other sites

  • ESET Moderators

Hello Fxcd,

no is not connected to the Pause protection.

To disable Self-defense open the ESET main GUI, press F5 to get to the advanced setup, go to Antivirus -> HIPS -> untick the Enable self-defense option. System reboot is required to apply the setting both for disabling and enabling Self-defense.

Regards, P.R.

Link to comment
Share on other sites

Thanks for the detail. Unfortunately, There is no value WscState under
HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info

I searched and found both a @WscState and a WscState value under
HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Plugins\01000600\settings\EKRN_CFG

Is it any of those?

I checked the registry on two computers (a physical and  a virtual machine, both running Windows 10 1703).

Link to comment
Share on other sites

  • 2 weeks later...

Hi,

With the help of the ESET support, we finally found the source of the problem:

In our ESET policy, under "Advanced Setup -- Update -- Outdated Virus Signature Database Alerts", the EAV setting "Set maximum database age automatically" was set to FALSE, because we wanted a shorter maximum database age than the default of 7 days.

As soon as the setting "Set maximum database age automatically" was set to TRUE, Windows 10 1703 did not report EAV as being out of date anymore.

However, this appears to be a bug in ESET, as the problematic behaviour is caused by a legitimate ESET configuration setting and does not appear with Windows Versions earlier than Win 10 1703.

2017-07-11 08_44_03-Advanced setup - ESET Endpoint Antivirus.png

Link to comment
Share on other sites

7 hours ago, Peter Randziak said:

Hello Fxcd,

thank you for letting us know, we will check it internally.

Regards, P.R.

@MichalJ @Peter Randziak

Just letting you both know. 
This is the same issue I've been seen on my side where ESET 6.5.2107 hasn't fixed.
I have tested that Maximum Age thing. 

It has successfully resolved it. but As @fxcd said. This is definitely a bug that shouldn't have occurred.

 

Thank you all for sharing the information @fxcd - Especially thanks for bringing it up again, as I was starting to wonder what happened to my request, and your detailed info helped me find that setting in our policy

Edited by avielc
Update
Link to comment
Share on other sites

  • ESET Moderators

Hello guys,

thank you very much for your inputs.

Our QA has successfully reproduced in issue in house based on them and reported it to the Development team for analysis.

Regards, P.R.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...