Hi,
Thanks for your reply, I have since got the Active Directory Computer Startup Script to work (from the link I posted above), so it re-installs the software when needed and that seems to have fixed the Desktop PCs, it's not ideal for Notebooks as they may install the Windows update while out the office and it then means they can login in without 2FA after a major Windows Update, until they connect back up to office network... but I guess I can manage the updates so they only get installed while they are in the office.
Sorry I don't have time to create a support ticket right now, but the PCs had Windows 10 1709 and after they updated to Version 1803 ESET 2FA no longer asked for a OTP, we have installed Windows Login Protection and RDP login protection on all machines.
As I say creating the machine login scripts seems to have solved it,.