Krzysztof L. 2 Posted November 19, 2020 Share Posted November 19, 2020 It looks like the problem is back again. I think Is is happen after todays update at 2PM. /opt/eset/esets/sbin/esets_daemon --version /opt/eset/esets/sbin/esets_daemon (esets) 4.5.15 There is a lot of /tmp/bt.esets_daemon.* files cat bt.esets_daemon.EkR1IE signal = 11 bad addr = 0xcfc00004 /opt/eset/esets/sbin/esets_update --verbose Naruszenie ochrony pamięci (translate: Memory protection violation) Esets hung in starting loop systemctl start esets.service Job for esets.service failed because a fatal signal was delivered to the control process. See "systemctl status esets.service" and "journalctl -xe" for details. "journalctl -xe" Nov 19 15:26:16 eset-mail esets_daemon[3065]: debug[0bf90000]: ESET Security Daemon, Version 4.5.15 Nov 19 15:26:16 eset-mail esets_daemon[3065]: debug[0bf90000]: Start Antivirus scanner initialization Nov 19 15:26:16 eset-mail esets_daemon[3065]: debug[0bf90000]: Searching for section dac in configuration Nov 19 15:26:16 eset-mail esets_daemon[3065]: debug[0bf90000]: Using configuration for section dac Nov 19 15:26:20 eset-mail esets_daemon[3071]: debug[0bff0000]: ESET Security Daemon, Version 4.5.15 Nov 19 15:26:20 eset-mail esets_daemon[3071]: debug[0bff0000]: Start Antivirus scanner initialization Nov 19 15:26:20 eset-mail esets_daemon[3071]: debug[0bff0000]: Searching for section dac in configuration Nov 19 15:26:20 eset-mail esets_daemon[3071]: debug[0bff0000]: Using configuration for section dac Nov 19 15:26:23 eset-mail esets_daemon[3078]: debug[0c060000]: ESET Security Daemon, Version 4.5.15 Nov 19 15:26:23 eset-mail esets_daemon[3078]: debug[0c060000]: Start Antivirus scanner initialization (...) Server : centos 7.9.2009 (64), rebooted. Burk 1 Link to comment Share on other sites More sharing options...
Burk 2 Posted November 19, 2020 Share Posted November 19, 2020 Quote same problem started the same time. Possible corruption of new patterns? same problem using RHEL 6 and also on CentOS7 daemon and eset_update throwing secmentation fault. Update logfile and systemctl status: [root@server eset]# cat /tmp/bt.esets_update.yBOi3p /lib/ld-linux.so.2(+0x9ab6)[0xf779bab6] /lib/ld-linux.so.2(+0x9ab6)[0xf779bab6] /lib/ld-linux.so.2(+0xa356)[0xf779c356] /lib/libc.so.6(+0x134aec)[0xf76d0aec] /lib/libc.so.6(_dl_sym+0x1a)[0xf76d0f8a] /lib/libdl.so.2(+0xdf1)[0xf775cdf1] /lib/ld-linux.so.2(+0xf9ba)[0xf77a19ba] /lib/libdl.so.2(+0x138c)[0xf775d38c] /lib/libdl.so.2(dlsym+0x58)[0xf775ce58] ./esets_update(_Z9nod_dlsymP11_nod_dll_t_PKc+0x3f)[0x809fccf] ./esets_update(_Z31AppGetProcAddressImplementationPvPKcPS_+0x25)[0x808bf34] ./esets_update(_Z12api_callbackjz+0x14fa)[0x8072d72] [0xf723295d] [0xf70c3f42] [0xee25c7e6] [0xee3f86fa] [0xee3f863a] signal = 11 bad addr = 0xcfc00004 [root@vm esets]# systemctl status esets ● esets.service - ESET Scanner Daemon Loaded: loaded (/usr/lib/systemd/system/esets.service; enabled; vendor preset: disabled) Active: inactive (dead) since Thu 2020-11-19 15:05:32 CET; 1h 36min ago Main PID: 35664 (code=exited, status=0/SUCCESS) Nov 19 15:05:05 vm esets_daemon[35664]: error[8b500000]: Child process esets_daemon[92027] did not handle signal 11, restart in 0 seconds Nov 19 15:05:08 vm esets_daemon[35664]: error[8b500000]: Child process esets_daemon[57176] did not handle signal 11, restart in 0 seconds Nov 19 15:05:10 vm esets_daemon[35664]: error[8b500000]: Child process esets_daemon[57270] did not handle signal 11, restart in 0 seconds Nov 19 15:05:13 vm esets_daemon[35664]: error[8b500000]: Child process esets_daemon[57280] did not handle signal 11, restart in 0 seconds Nov 19 15:05:16 vm esets_daemon[35664]: error[8b500000]: Child process esets_daemon[57290] did not handle signal 11, restart in 0 seconds Nov 19 15:05:18 vm esets_daemon[35664]: error[8b500000]: Child process esets_daemon[57300] did not handle signal 11, restart in 0 seconds Nov 19 15:05:21 vm esets_daemon[35664]: error[8b500000]: Child process esets_daemon[57310] did not handle signal 11, restart in 0 seconds Nov 19 15:05:23 vm esets_daemon[35664]: error[8b500000]: Child process esets_daemon[57320] did not handle signal 11, restart in 0 seconds Nov 19 15:05:27 vm esets_daemon[35664]: error[8b500000]: Child process esets_daemon[57330] did not handle signal 11, restart in 0 seconds Nov 19 15:05:29 vm esets_daemon[35664]: error[8b500000]: Child process esets_daemon[57342] did not handle signal 11, restart in 0 seconds Link to comment Share on other sites More sharing options...
Olivier_B 0 Posted November 19, 2020 Share Posted November 19, 2020 Hi, same issue here on multiple servers. The following worked for me : - removed current esets package - purged /tmp/bt.esets* and /tmp/esets_update.lock and /etc/opt/esets (saving esets.cfg elsewhere) - installed an older version of esets ( still had the installer for 4.5.6.0) - Run esets_update Link to comment Share on other sites More sharing options...
povas 0 Posted November 19, 2020 Share Posted November 19, 2020 Same for me, on all Linux machines, both running SUSE and Centos. Do anybody have any solution for this? Link to comment Share on other sites More sharing options...
M3741 0 Posted November 19, 2020 Share Posted November 19, 2020 Can confirm. I'm having the exact same issue as of today. T430:/ # /opt/eset/esets/sbin/esets_daemon --version /opt/eset/esets/sbin/esets_daemon (esets) 4.0.93 T430:/ # T430:/ # ls -l /tmp/bt.esets_daemon.* | wc -l 143 T430:/ # cat /tmp/bt.esets_daemon.zQcNEM /lib/ld-linux.so.2(+0xac36)[0xf7f38c36] /lib/ld-linux.so.2(+0xac36)[0xf7f38c36] /lib/ld-linux.so.2(+0xb735)[0xf7f39735] /lib/libc.so.6(+0x14750b)[0xf7d2f50b] /lib/libdl.so.2(+0x1441)[0xf7ddd441] /lib/libc.so.6(_dl_catch_exception+0xa3)[0xf7d2fc53] /lib/libc.so.6(_dl_catch_error+0x30)[0xf7d2fd30] /lib/libdl.so.2(+0x1b11)[0xf7dddb11] /lib/libdl.so.2(dlsym+0x71)[0xf7ddd4c1] /opt/eset/esets/lib32/libesets.so.4(_Z9nod_dlsymP11_nod_dll_t_PKc+0x4b)[0xf7e4c732] /opt/eset/esets/lib32/libesets.so.4(+0x4a91e)[0xf7e6d91e] /opt/eset/esets/lib32/libesets.so.4(+0x16f1c)[0xf7e39f1c] [0xeda6d95d] [0xeb093f42] [0xe23637e6] [0xe24ff6fa] [0xe24ff63a] signal = 11 bad addr = 0xd4 T430:/ # Link to comment Share on other sites More sharing options...
M3741 0 Posted November 19, 2020 Share Posted November 19, 2020 4 minutes ago, povas said: Same for me, on all Linux machines, both running SUSE and Centos. Do anybody have any solution for this? I'm running openSuse Tumbleweed. Link to comment Share on other sites More sharing options...
Burk 2 Posted November 19, 2020 Share Posted November 19, 2020 solution (just tested with one of our systems) for our site: [root@vm /]# cd /var/opt/eset/esets/lib [root@vm lib]# mv em002_32.dat em002_32.dat.o [root@vm lib]# cd /opt/eset/esets/sbin/ [root@vm sbin]# ./esets_update --verbose Virus signature database has been updated successfully. ESETS Update utility +-+--------------------+------------------------+------------------------+ | | Module | Available version | Installed version | +-+--------------------+------------------------+------------------------+ |*| loader | 1076 (20200313) | | |*| perseus | 1566.4 (20201006) | | |*| engine | 22334 (20201117) | | |*| archiver | 1310 (20201029) | | |*| heuristic | 1203 (20201015) | | |*| cleaner | 1214 (20200921) | | | | | | �o}��Ue��o}��<{��0|�p6{�0�[�� | | | | | | | | | | | +-+--------------------+------------------------+------------------------+ [root@vm sbin]# ./esets_update --verbose Update is not necessary - the installed virus signature database is current. ESETS Update utility +-+--------------------+------------------------+------------------------+ | | Module | Available version | Installed version | +-+--------------------+------------------------+------------------------+ | | loader | 1076 (20200313) | 1076 (20200313) | | | perseus | 1566.4 (20201006) | 1566.4 (20201006) | | | engine | 22334 (20201117) | 22334 (20201117) | | | archiver | 1310 (20201029) | 1310 (20201029) | | | heuristic | 1203 (20201015) | 1203 (20201015) | | | cleaner | 1214 (20200921) | 1214 (20200921) | +-+--------------------+------------------------+------------------------+ [root@vm sbin]# systemctl start esets [root@vm sbin]# systemctl status esets ● esets.service - ESET Scanner Daemon Loaded: loaded (/usr/lib/systemd/system/esets.service; enabled; vendor preset: disabled) Active: active (running) since Thu 2020-11-19 16:59:09 CET; 4s ago Process: 94942 ExecStart=/opt/eset/esets/sbin/esets_daemon (code=exited, status=0/SUCCESS) Main PID: 94943 (esets_daemon) CGroup: /system.slice/esets.service ├─94943 /opt/eset/esets/sbin/esets_daemon ├─94944 /opt/eset/esets/sbin/esets_daemon └─94945 /opt/eset/esets/lib/esets_wwwi Krzysztof L. and Dron 2 Link to comment Share on other sites More sharing options...
Dron 0 Posted November 19, 2020 Share Posted November 19, 2020 Hi, same here.. esets started to fail after today's update... Nov 19 15:28:30 mx2 esets_daemon[35373]: debug[8a2d0000]: Start Antivirus modules update ... Nov 19 15:29:24 mx2 esets_daemon[35372]: error[8a270000]: Child process esets_daemon[65332] did not handle signal 11, restart in 0 seconds Nov 19 15:29:24 mx2 esets_daemon[65342]: debug[ff3e0000]: Server is listening on /tmp/esets.sock.1202801592 Nov 19 15:29:27 mx2 esets_daemon[35372]: debug[8a270000]: Sessions processing done Nov 19 15:29:27 mx2 esets_daemon[35372]: debug[8a270000]: Waiting for child processes... Nov 19 15:29:27 mx2 esets_daemon[35372]: debug[8a270000]: Daemon exit now it looks like update nor daemon is failing, for example [root@mx2 ~]# /opt/eset/esets/sbin/esets_update --verbose Segmentation fault but just version info works... [root@mx2 ~]# /opt/eset/esets/sbin/esets_update -v /opt/eset/esets/sbin/esets_update (esets) 4.5.15 Link to comment Share on other sites More sharing options...
lberes 0 Posted November 19, 2020 Share Posted November 19, 2020 And the same here on CentOS 6. Link to comment Share on other sites More sharing options...
Michal Noga 0 Posted November 19, 2020 Share Posted November 19, 2020 My ex colleagues confirmed to me that they have the same issue. They are running on: Centos 7 x86_64 systemctl start esets.service Job for esets.service failed because a fatal signal was delivered to the control process. See "systemctl status esets.service" and "journalctl -xe" for details. Link to comment Share on other sites More sharing options...
M3741 0 Posted November 19, 2020 Share Posted November 19, 2020 I tried the "Windows Admin Approach" of uninstalling, downloading the latest installer and reinstalling the product and it seems to have worked. What was the underlying issue I have no idea. T430:/ # LANG=C systemctl status esets ● esets.service - LSB: ESET NOD32 Antivirus Loaded: loaded (/etc/init.d/esets; generated) Active: active (running) since Thu 2020-11-19 13:21:12 -03; 5min ago Docs: man:systemd-sysv-generator(8) Process: 1377 ExecStart=/etc/init.d/esets start (code=exited, status=0/SUCCESS) Tasks: 11 (limit: 4915) CGroup: /system.slice/esets.service ├─1484 /opt/eset/esets/sbin/esets_daemon ├─1485 /opt/eset/esets/sbin/esets_daemon └─1486 /opt/eset/esets/lib/esets_mac Nov 19 13:21:08 T430 systemd[1]: Starting LSB: ESET NOD32 Antivirus... Nov 19 13:21:12 T430 esets[1377]: Starting ESET NOD32 Antivirus..done Nov 19 13:21:12 T430 systemd[1]: Started LSB: ESET NOD32 Antivirus. /me tips hat towards win admins out there. Link to comment Share on other sites More sharing options...
markner 1 Posted November 19, 2020 Share Posted November 19, 2020 my solution to get it running again, looks like a bad file(from another post I think): mv /var/opt/eset/esets/lib/em002_32.dat /var/opt/eset/esets/lib/em002_32.dat.old systemctl stop esets rm -rf /tmp/*update.lock; /opt/eset/esets/sbin/esets_update --verbose systemctl restart esets systemctl status esets Krzysztof L. 1 Link to comment Share on other sites More sharing options...
Administrators Marcos 4,601 Posted November 19, 2020 Administrators Share Posted November 19, 2020 We are currently rebuilding the engine to fix the issue. Will keep you posted. We apologize for the inconvenience. Link to comment Share on other sites More sharing options...
Dron 0 Posted November 19, 2020 Share Posted November 19, 2020 (edited) yum remove esets and redeploy with current esets worked for me now (probably only until auto update triggers...) Edited November 19, 2020 by Dron Link to comment Share on other sites More sharing options...
povas 0 Posted November 19, 2020 Share Posted November 19, 2020 The solution posted by markner and also indicated to me by Burk worked for me also, but the virus signature is from 2 days ago. Let's wait for the ESET team to fix it. Link to comment Share on other sites More sharing options...
Krzysztof L. 2 Posted November 19, 2020 Author Share Posted November 19, 2020 (edited) I also confirm that solution from you all is working. Thank you all. (Burk code) cd /var/opt/eset/esets/lib ls -la mv em002_32.dat em002_32.dat.o cd /opt/eset/esets/sbin/ ./esets_update --verbose systemctl start esets systemctl status esets Povas i agree, we need to wait for next update. Edited November 19, 2020 by Krzysztof L. typo Link to comment Share on other sites More sharing options...
povas 0 Posted November 19, 2020 Share Posted November 19, 2020 Already update to 22348, seems to be working fine, now the signature is current. Link to comment Share on other sites More sharing options...
Krzysztof L. 2 Posted November 19, 2020 Author Share Posted November 19, 2020 27 minutes ago, povas said: Already update to 22348, seems to be working fine, now the signature is current. Yes, i also confirm that everything works good for now. Link to comment Share on other sites More sharing options...
FHolzer 0 Posted November 19, 2020 Share Posted November 19, 2020 had the same issue. thanks for creating the post @Krzysztof L. this year you saved me time Well i guess i did it the last 4 years @Marcos Can confirm it was a corrupt perseus / em002_32.dat Link to comment Share on other sites More sharing options...
ESET Moderators Solution ESET Security Forum 39 Posted November 20, 2020 ESET Moderators Solution Share Posted November 20, 2020 Please see our knowledgebase article for the latest information related to this issue:https://support.eset.com/en/alert7704-detection-engine-22346-showing-false-positive Link to comment Share on other sites More sharing options...
Help Desk San 1 Posted November 20, 2020 Share Posted November 20, 2020 Japan time 2020/11/10 23:30 to /opt/eset/esets/sbin/esets_daemon has all stopped. Does engine 22348 solve this problem? Link to comment Share on other sites More sharing options...
povas 0 Posted November 20, 2020 Share Posted November 20, 2020 Yes, it solved it for me, no problems since yesterday evening. Now the engine is on 22350. Link to comment Share on other sites More sharing options...
ThorstenJ 0 Posted November 21, 2020 Share Posted November 21, 2020 Question: Your solution says "Delete content of modules directory in /var/opt/eset/esets/lib/" Do you mean only files in this folder or all subfolders also (rm -r )? Link to comment Share on other sites More sharing options...
markhyde 0 Posted November 24, 2020 Share Posted November 24, 2020 On 11/20/2020 at 12:44 AM, ESET Security Forum said: Please see our knowledgebase article for the latest information related to this issue:https://support.eset.com/en/alert7704-detection-engine-22346-showing-false-positive That link is now returning 404. Has it been deleted, and is there a newer replacement knowledgebase article? Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 924 Posted November 24, 2020 ESET Moderators Share Posted November 24, 2020 On 11/21/2020 at 8:05 AM, ThorstenJ said: Question: Your solution says "Delete content of modules directory in /var/opt/eset/esets/lib/" Do you mean only files in this folder or all subfolders also (rm -r )? rm -rf /tmp/esets_update.lock /var/opt/eset/esets/lib/* /opt/eset/esets/lib/esets_modules Peter Link to comment Share on other sites More sharing options...
Recommended Posts