Piter 0 Posted February 14, 2020 Share Posted February 14, 2020 11 minutes ago, Marcos said: Should remote install fail, make sure that the maximum size of installation packages is set to 150 or more MB via a policy.(...) That's good point. Anyway I can confirm positive upgrade from 2265 to 2272 through ERAv5 with Custom Package. Clients upgrade is in progress Link to comment Share on other sites More sharing options...
Frustrated!! 1 Posted February 14, 2020 Share Posted February 14, 2020 6.5.12014.1 fix? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted February 14, 2020 Administrators Share Posted February 14, 2020 3 minutes ago, Frustrated!! said: 6.5.12014.1 fix? It can be fixed by using the current version of CertFix. Also there are 6.5 EFSW installers with a fixed version available for download. Please check the red alert on the top of this forum for links. Link to comment Share on other sites More sharing options...
Glitch 3 Posted February 14, 2020 Share Posted February 14, 2020 23 hours ago, Glitch said: @Marcos What about the endpoints that request a username and password when you go to advanced settings after applying the patch? Also any update if we NEED to update after applying the 6.5 patch? Like 10000+ workstations updaten without any era would take a few months. Any update on this? Link to comment Share on other sites More sharing options...
Disgruntledtech 0 Posted February 14, 2020 Share Posted February 14, 2020 (edited) I got the custom install working. Disregard previous post Edited February 14, 2020 by Disgruntledtech Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 434 Posted February 14, 2020 ESET Staff Share Posted February 14, 2020 @Glitch 6.5 is kept in support only for the Windows XP. If you do not have Windows XP in your portfolio, we recommend to install a newer version, especially version 7. Also, considering the size of the network (10 000 devices), what is the reason you have chosen to not use ESMC / ERA? It would make your life a lot easier. Also, for the version 7.2, we are planning to introduce automatic product updates, that will keep the Endpoints on the latest version, so such difficulties will be prevented. Is there any particular reason, why you want to stick with the older version besides the workload it would generate? Also, what is your standard "software update" policy, meaning how is software life-cycle handled for other products you use? Just a side note, not to annoy you, but to explain the situation a bit: with dramatically changing "ecosystem variables" (Microsoft releasing Windows 10 2-times a year, and Apple having annual release cycles), us as software vendors have no other choice, than to adopt more aggressive life-cycle policies, and towards the future abandon "versioning" as we were used to it, and more move towards the "as a service" model, meaning you have your subscription and ESET guarantees a working version, which will update itself without you taking care of it. Our cellphones are doing it, office is doing it, and security software (in order to work efficiently for you) have to do it as well. Link to comment Share on other sites More sharing options...
Glitch 3 Posted February 14, 2020 Share Posted February 14, 2020 3 minutes ago, MichalJ said: @Glitch 6.5 is kept in support only for the Windows XP. If you do not have Windows XP in your portfolio, we recommend to install a newer version, especially version 7. Also, considering the size of the network (10 000 devices), what is the reason you have chosen to not use ESMC / ERA? It would make your life a lot easier. Also, for the version 7.2, we are planning to introduce automatic product updates, that will keep the Endpoints on the latest version, so such difficulties will be prevented. Is there any particular reason, why you want to stick with the older version besides the workload it would generate? Also, what is your standard "software update" policy, meaning how is software life-cycle handled for other products you use? Just a side note, not to annoy you, but to explain the situation a bit: with dramatically changing "ecosystem variables" (Microsoft releasing Windows 10 2-times a year, and Apple having annual release cycles), us as software vendors have no other choice, than to adopt more aggressive life-cycle policies, and towards the future abandon "versioning" as we were used to it, and more move towards the "as a service" model, meaning you have your subscription and ESET guarantees a working version, which will update itself without you taking care of it. Our cellphones are doing it, office is doing it, and security software (in order to work efficiently for you) have to do it as well. It is because a large majority of the clients we manage is still using windows XP, they also use the NANO updates as it is not a single network. We are an MSP. Our new installs are 7.1 or 7.2. As ESET is also terible in managing high latency connections we can't use the ESMC as there are too many timeouts. I already explained this a couple of times on calls with ESET HQ in Bratislava and also when I visited the HQ. So are we planning to stay on 6.5 , no but upgrades will take time and will cost time and need to be planned we can't force our clients at this moment as their connections don't allow it to receive large amounts of data such we need months. Next to that the new updates are larger than the old updates. Yes yes we know the latest the greatest, for customers we do 24/7 SOC services we only have the latest versions install and so but we are in a specific sector that it is not possible. And yes I agree updating is better and so one but that is all for another time. At this time it is important that we can: 1. Rectify all machines back 2. Start protection again. 3. Get them updated. Link to comment Share on other sites More sharing options...
esined 0 Posted February 14, 2020 Share Posted February 14, 2020 3 hours ago, Piter said: That's good point. Anyway I can confirm positive upgrade from 2265 to 2272 through ERAv5 with Custom Package. Clients upgrade is in progress Hi @Piter what file did you use to do this? I tried hxxp://repository.eset.com/v1/com/eset/tools/certfix/v1/latest/eea_nt64_enu.exe but it fails and I thought it has to be a .msi file? Did you choose windows push, windows push (WMI) or Windows upgrade client? Link to comment Share on other sites More sharing options...
alur 1 Posted February 14, 2020 Share Posted February 14, 2020 Thank you for fixing Endpoint 5.0, there are small problems on some clients, but in General everything is normal. Link to comment Share on other sites More sharing options...
Piter 0 Posted February 17, 2020 Share Posted February 17, 2020 On 2/14/2020 at 3:49 PM, esined said: Hi @Piter what file did you use to do this? I tried hxxp://repository.eset.com/v1/com/eset/tools/certfix/v1/latest/eea_nt64_enu.exe but it fails and I thought it has to be a .msi file? Did you choose windows push, windows push (WMI) or Windows upgrade client? Hi @esined sorry for late answer. I've used the .exe file. In package manager in RA you have to create new custom package (separate for x86 and x64 architecture) and then deploy it through Windows Push - Custom Package. You'll need to provide administrative credentials. Link to comment Share on other sites More sharing options...
lasek101 1 Posted February 18, 2020 Share Posted February 18, 2020 (edited) Generally patch for 6.5 works, but we have some stations where patch was applied, but on ERA console station still is in alert 'product is installed but is not running' . certfix.exe output: FileVersion of this tool: 1.0.0.5 ------------------------------------------------------------------------------- Patch already applied but on era console: Edited February 18, 2020 by lasek101 Link to comment Share on other sites More sharing options...
vgoncalves 0 Posted February 19, 2020 Share Posted February 19, 2020 Hi, already patched hundreds of systems but running CertFix in two servers with Server 2008 and ESET File Security 6.5.12007.0 I get the following error: Quote error: GetFileVersionInfoSize: 193 error: Can't get ekrn version (C:\Program Files\ESET\ESET File Security\x86\ekrn.exe)! How can I fix? PS: Servers already rebooted... Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted February 19, 2020 Administrators Share Posted February 19, 2020 4 minutes ago, vgoncalves said: Hi, already patched hundreds of systems but running CertFix in two servers with Server 2008 and ESET File Security 6.5.12007.0 I get the following error: How can I fix? PS: Servers already rebooted... Please provide logs collected with ESET Log Collector so that we can check if registry values that are supposed to exist actually exist. Link to comment Share on other sites More sharing options...
vgoncalves 0 Posted February 19, 2020 Share Posted February 19, 2020 17 minutes ago, Marcos said: Please provide logs collected with ESET Log Collector so that we can check if registry values that are supposed to exist actually exist. Sent you a PM with the logs... Thanks Link to comment Share on other sites More sharing options...
NuclearSSD 3 Posted February 19, 2020 Share Posted February 19, 2020 I have followed the guide but then removed 6.5 and install 7.1.12008.0 File Security... However still getting an issue with non-functional modules. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted February 19, 2020 Administrators Share Posted February 19, 2020 Please carry on as follows: - in the advanced setup -> tools -> diagnostics enable advanced network protection logging - reboot the machine - disable advanced logging - collect logs with ESET Log Collector and upload the generated archive here. NuclearSSD 1 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted February 20, 2020 Administrators Share Posted February 20, 2020 16 hours ago, WebbyTech said: I have followed the guide but then removed 6.5 and install 7.1.12008.0 File Security... However still getting an issue with non-functional modules. Looks like the machine was not rebooted after enabling advanced network protection logging. Anyways, the root cause of the errors is clear. For some reason the old driver epfwwfpr.sys was not removed during upgrade for an unknown reason. Please run the following command as an administrator and reboot the server: "sc delete epfwwfpr" Reinstallation of EFSW should not be necessary, however, should an error still be reported after the reboot try uninstalling EFSW and installing it from scratch. NuclearSSD 1 Link to comment Share on other sites More sharing options...
charlatan90 0 Posted February 20, 2020 Share Posted February 20, 2020 Any ideas why doesnt the ESET outlook add-ins doesnt work after applying the fix, and updating the clients to 7.2 I've tried reinstalling, re-enabling the outlook integration. Nothing seems to work. Link to comment Share on other sites More sharing options...
Snakeyes 1 Posted February 20, 2020 Share Posted February 20, 2020 So I just completed the fix and upgrade to ver7 (from ver 6.5 after running certfix 2.0) of File Security for roughly 50 servers. 7 of those servers are still reporting that the Web and email protocol filtering, network attack protection, and anti-phishing protections is non-functional. I've even did a complete uninstall reboot and fresh install of ver7. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted February 20, 2020 Administrators Share Posted February 20, 2020 17 minutes ago, Snakeyes said: So I just completed the fix and upgrade to ver7 (from ver 6.5 after running certfix 2.0) of File Security for roughly 50 servers. 7 of those servers are still reporting that the Web and email protocol filtering, network attack protection, and anti-phishing protections is non-functional. I've even did a complete uninstall reboot and fresh install of ver7. It could be the same issue as the one reported above. Please collect logs with ESET Log Collector and upload the generated archive here. Link to comment Share on other sites More sharing options...
NuclearSSD 3 Posted February 20, 2020 Share Posted February 20, 2020 4 hours ago, Marcos said: Looks like the machine was not rebooted after enabling advanced network protection logging. Anyways, the root cause of the errors is clear. For some reason the old driver epfwwfpr.sys was not removed during upgrade for an unknown reason. Please run the following command as an administrator and reboot the server: "sc delete epfwwfpr" Reinstallation of EFSW should not be necessary, however, should an error still be reported after the reboot try uninstalling EFSW and installing it from scratch. Definitely did this in the order you requested, enabled, rebooted, collected logs and sent them to you. I have done the same as above but still getting error. I am just going to try it is a slightly different order... Remove EFSW, Delete Service, Reboot then Reinstall..... Link to comment Share on other sites More sharing options...
NuclearSSD 3 Posted February 20, 2020 Share Posted February 20, 2020 45 minutes ago, WebbyTech said: Definitely did this in the order you requested, enabled, rebooted, collected logs and sent them to you. I have done the same as above but still getting error. I am just going to try it is a slightly different order... Remove EFSW, Delete Service, Reboot then Reinstall..... OK, so seems it is this service, but it does not remove when you ask it to! Order I took to resolve this issue... Remove EFSW Restart Server Run "sc delete epfwwfpr" in elevated cmd (Should get [SC] DeleteService Success) Restart Server Run "sc delete epfwwfpr" in elevated cmd - Yes again to make sure it has gone, you should get a different message... if you get "[SC] DeleteService Success" again then back to step 3.. this has to go before you install again. Install new version of EFSW Snakeyes 1 Link to comment Share on other sites More sharing options...
Snakeyes 1 Posted February 21, 2020 Share Posted February 21, 2020 20 hours ago, NuclearMotherboard said: OK, so seems it is this service, but it does not remove when you ask it to! Order I took to resolve this issue... Remove EFSW Restart Server Run "sc delete epfwwfpr" in elevated cmd (Should get [SC] DeleteService Success) Restart Server Run "sc delete epfwwfpr" in elevated cmd - Yes again to make sure it has gone, you should get a different message... if you get "[SC] DeleteService Success" again then back to step 3.. this has to go before you install again. Install new version of EFSW This process worked for me on all servers that I needed to run it on. I didn't have to do a 3rd reboot thankfully. NuclearSSD 1 Link to comment Share on other sites More sharing options...
esined 0 Posted February 25, 2020 Share Posted February 25, 2020 is anyone else having some computers that will not update to 5.0.2272 even with the certfix? Link to comment Share on other sites More sharing options...
Snakeyes 1 Posted February 25, 2020 Share Posted February 25, 2020 On 2/14/2020 at 5:15 AM, Frustrated!! said: 6.5.12014.1 fix? The fix has been posted for a few days now. The hyperlink in the red banner at the top of this page (if showing) will take you to it. if not check here... https://forum.eset.com/announcement/5-endpoint-50-65-and-eset-server-products-65-non-functional-as-of-feb-8-antivirus-and-antiphising-is-non-functional-reported/ Link to comment Share on other sites More sharing options...
Recommended Posts