Jump to content

ESET Endpoint Security Update: Unauthorised Access


Recommended Posts

I have successfully installed an agent on Windows 8.1 laptop. The machine has registered in the ERA and from there I was able to push the installation of v6 on top of v5 already installed. Again, no problems during the install, but I could not update the virus database afetrwards. I have seen this on other Windows machines before and the GUI recommended reboot anyway, so I have done it, but the laptop is still unable to download the virus DB update. It comes up with: 'unauthorised access' message. I assumed that it might be a problem with the license, but I still have 2 spares. I have also temporarly stopped the firewall on the server side, but this did not make any difference. I had a look at the manual, but it does not mention this specific problem. Is it possible that the installing v6 without uninstalling v5 first, corrupted something?

 

ESET Endpoint Security 6.2.2033.0

ESET Remote Administrator Agent 6.2.190.0

 

Many thanks

Link to post
Share on other sites

I have tried that and the product is now activated, so that solved part of the problem, but I still cannot update the database. I've exported the log:

 

<?xml version="1.0" encoding="utf-8" ?>
<ESET>
<LOG>
<RECORD>
<COLUMN NAME="Time">30/11/2015 11:56:05</COLUMN>
<COLUMN NAME="Module">Update module</COLUMN>
<COLUMN NAME="Event">Unauthorized access.</COLUMN>
<COLUMN NAME="User">NT AUTHORITY\SYSTEM</COLUMN>
</RECORD>
<RECORD>
<COLUMN NAME="Time">30/11/2015 10:25:36</COLUMN>
<COLUMN NAME="Module">Update module</COLUMN>
<COLUMN NAME="Event">Unauthorized access.</COLUMN>
<COLUMN NAME="User">NT AUTHORITY\SYSTEM</COLUMN>
</RECORD>

Link to post
Share on other sites
  • Administrators

Just to make sure, is Endpoint configured to update from ESET's servers? Do workstations connect to the Internet via a proxy server that requires authentication? If so, is the proxy server as well as authentication configured properly in Endpoint?

Link to post
Share on other sites

The upgrade over the top from 5 to 6 can cause issues as you are describing. I would download eset uninstall tool and run it in safe mode. After running the tool check hkey-local-machine-software-eset and same in hkey-current-user and delete eset in here as well. Del eset from program files if still in there. CCleaner will also clean many eset leftovers as well. Make sure ehdrv is not present in windows-system32-drivers. Push out from era console and u should be good to go.

Link to post
Share on other sites
  • Administrators

ERA v6 no longer creates a mirror. What update server is selected in the update setup on clients? How is the mirror for v6 created and how are the files distributed / downloaded by clients? (http, smb)

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...