Jump to content

ESET Endpoint Security Update: Unauthorised Access


pipboy3000

Recommended Posts

I have successfully installed an agent on Windows 8.1 laptop. The machine has registered in the ERA and from there I was able to push the installation of v6 on top of v5 already installed. Again, no problems during the install, but I could not update the virus database afetrwards. I have seen this on other Windows machines before and the GUI recommended reboot anyway, so I have done it, but the laptop is still unable to download the virus DB update. It comes up with: 'unauthorised access' message. I assumed that it might be a problem with the license, but I still have 2 spares. I have also temporarly stopped the firewall on the server side, but this did not make any difference. I had a look at the manual, but it does not mention this specific problem. Is it possible that the installing v6 without uninstalling v5 first, corrupted something?

 

ESET Endpoint Security 6.2.2033.0

ESET Remote Administrator Agent 6.2.190.0

 

Many thanks

Link to post
Share on other sites

I have tried that and the product is now activated, so that solved part of the problem, but I still cannot update the database. I've exported the log:

 

<?xml version="1.0" encoding="utf-8" ?>
<ESET>
<LOG>
<RECORD>
<COLUMN NAME="Time">30/11/2015 11:56:05</COLUMN>
<COLUMN NAME="Module">Update module</COLUMN>
<COLUMN NAME="Event">Unauthorized access.</COLUMN>
<COLUMN NAME="User">NT AUTHORITY\SYSTEM</COLUMN>
</RECORD>
<RECORD>
<COLUMN NAME="Time">30/11/2015 10:25:36</COLUMN>
<COLUMN NAME="Module">Update module</COLUMN>
<COLUMN NAME="Event">Unauthorized access.</COLUMN>
<COLUMN NAME="User">NT AUTHORITY\SYSTEM</COLUMN>
</RECORD>

Link to post
Share on other sites
  • Administrators

Just to make sure, is Endpoint configured to update from ESET's servers? Do workstations connect to the Internet via a proxy server that requires authentication? If so, is the proxy server as well as authentication configured properly in Endpoint?

Link to post
Share on other sites

The upgrade over the top from 5 to 6 can cause issues as you are describing. I would download eset uninstall tool and run it in safe mode. After running the tool check hkey-local-machine-software-eset and same in hkey-current-user and delete eset in here as well. Del eset from program files if still in there. CCleaner will also clean many eset leftovers as well. Make sure ehdrv is not present in windows-system32-drivers. Push out from era console and u should be good to go.

Link to post
Share on other sites
  • Administrators

ERA v6 no longer creates a mirror. What update server is selected in the update setup on clients? How is the mirror for v6 created and how are the files distributed / downloaded by clients? (http, smb)

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...