Jump to content

ESET automatic module updates stop running on client computers randomly


Recommended Posts

Windows 7 and Windows 10. ESET A/V version 7.3.2032, 7.3.x, ESET Agent version 7.2.1266.0

I am seeing various random users complain their ESET is out of date and they are then blocked from connecting to our Corp network VPN as it checks to ensure A/V is up to date. This is random. I don't know how long this has been an issue since we just started looking into it.

Looking at the remote Workstation or Laptop ESET tools, log files, Events.. it shows the updates just stopped running at a certain date. No errors after that date and no tries as far as the log shows. What would cause the auto updates to randomly stop at the remote workstation client? Example attached where the log just stopped. The image was taken on 2/25/2021 and as you can see the event log stopped showing updates on 2/15/2021. Having user reboot computer seems to get auto updates running again on most of the ones that have been reported.

ESET_updates_Fails.jpg

Link to comment
Share on other sites

  • Administrators

In order to troubleshoot the issue, I'd recommend the following:

1, On one of the machines change the logging verbosity from Informative to Diagnostic

image.png
Change the maximum the detection engine age to 1 so that that the protection status of the computer changes in the ESET PROTECT console if the engine is 1 day old:

image.png

2, On another troublesome machine uninstall EP7.3, reboot the machine and install the latest v8 from scratch.

3, On another machine with v7.3 delete the default update task and create it manually from scratch.

 

Let us know if the issue is resolved on the 2nd and / or 3rd machine. When the issue occurs on the first one, provide logs collected with ESET Log Collector from that machine. The event log should show more detailed information about update and update attemptps.

Link to comment
Share on other sites

1 hour ago, Marcos said:

1, On one of the machines change the logging verbosity from Informative to Diagnostic

We have about 1500 end points. Since we don't know which one/s will have the issue next, would it hurt to enable Diagnostic for all end points for a while and leave other settings as the default, or would it create super huge logs and cause an issue?

Link to comment
Share on other sites

  • Administrators

Enabling diagnostic logging verbosity also enables logging of every accessed url in the Filtered websites, ie. opening a particular web page may result in several dozens of records logged.

Maybe you could start with upgrade to the latest Endpoint v8 and see if it makes a difference.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...