GregA 3 Posted February 26, 2021 Share Posted February 26, 2021 Windows 7 and Windows 10. ESET A/V version 7.3.2032, 7.3.x, ESET Agent version 7.2.1266.0 I am seeing various random users complain their ESET is out of date and they are then blocked from connecting to our Corp network VPN as it checks to ensure A/V is up to date. This is random. I don't know how long this has been an issue since we just started looking into it. Looking at the remote Workstation or Laptop ESET tools, log files, Events.. it shows the updates just stopped running at a certain date. No errors after that date and no tries as far as the log shows. What would cause the auto updates to randomly stop at the remote workstation client? Example attached where the log just stopped. The image was taken on 2/25/2021 and as you can see the event log stopped showing updates on 2/15/2021. Having user reboot computer seems to get auto updates running again on most of the ones that have been reported. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,189 Posted February 26, 2021 Administrators Share Posted February 26, 2021 In order to troubleshoot the issue, I'd recommend the following: 1, On one of the machines change the logging verbosity from Informative to Diagnostic Change the maximum the detection engine age to 1 so that that the protection status of the computer changes in the ESET PROTECT console if the engine is 1 day old: 2, On another troublesome machine uninstall EP7.3, reboot the machine and install the latest v8 from scratch. 3, On another machine with v7.3 delete the default update task and create it manually from scratch. Let us know if the issue is resolved on the 2nd and / or 3rd machine. When the issue occurs on the first one, provide logs collected with ESET Log Collector from that machine. The event log should show more detailed information about update and update attemptps. Link to comment Share on other sites More sharing options...
GregA 3 Posted February 26, 2021 Author Share Posted February 26, 2021 1 hour ago, Marcos said: 1, On one of the machines change the logging verbosity from Informative to Diagnostic We have about 1500 end points. Since we don't know which one/s will have the issue next, would it hurt to enable Diagnostic for all end points for a while and leave other settings as the default, or would it create super huge logs and cause an issue? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,189 Posted February 28, 2021 Administrators Share Posted February 28, 2021 Enabling diagnostic logging verbosity also enables logging of every accessed url in the Filtered websites, ie. opening a particular web page may result in several dozens of records logged. Maybe you could start with upgrade to the latest Endpoint v8 and see if it makes a difference. Link to comment Share on other sites More sharing options...
Recommended Posts