V11 .msi silent install fails

[coch 5]

Command line (from an administrator CMD window):

msiexec /i "eav_nt64.msi" /qn /log log.txt

Fails to complete install (progress bar rolls back changes and installer exits).

Following error found in log.txt:

Error 1406. Could not write value ProductACode to key \Software\ESET\ESET Security\CurrentVersion\Info.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.

EDIT: Error still occurs after setting registry permission to Everyone = Full control for key "HKEY_LOCAL_MACHINE\SOFTWARE\ESET", and taking ownership of the key.

 

EDIT 2: Clarified that I am running CMD with Administrator rights, of course.

 

EDIT 3: Using /qb instead of /qn displays two errors (cannot write registry key) during install, which can be ignored and the install can complete. The registry key HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info does exist after installing this way. Looks like the installer throws an error about not being able to write to this registry key when in fact it can.

 

Edited October 26, 2017 by coch

[coch 5]

Aha! found a fix to my own issue, or workaround... or a hack actually:

I was able to fix by modifying the .msi installer with SuperOrca, as follows:
- Open SuperOrca.
- Search for ProductACode.
- Open section Registry.
- At the ProductACode line, replace #[PRODUCT_A_CODE] with [ProductACode]  --> this was only a guess from me, but I thought it was off that the string looked different from the one just above, so I made it look the same by typing [ProductACode] in there.
- In the line just below (line should be called ProductBase), replace #[PRODUCT_BASE] with [ProductBase]. This is the second registry error that appeared when using /qb
- Save the .msi.
- Silent install now works without errors, and didn't see anything wrong so far with the functioning of NOD32.

 

Still seems to me like the installer has bugs which should be fixed officially instead of using hacks like this.

[Marcos 4,919]

Consumer products are not distributed as msi installers but with a bootstrapper as an executable. Extracting msi and running it will not work properly, a bootstrapper is needed to accomplish all tasks required for a successful install.

[coch 5]

Thanks Marcos.

I understand consumer products aren't offered as .msi installers. However, the .msi installers are available straight from ESET servers, so surely they are meant for someone (non-consumers?), and that someone will likely run into the same problem I did if they try to silently install.

 

Personally, I don't need my installer to absolutely be a .msi, but I do need silent install and I didn't find a way to achieve that other than using the .msi installer.

Is there a way to achieve silent install with the regular .exe installer, including picking up the configuration file so that NOD32 is configured as desired after install? (the old ADMINCFG=cfg.xml trick, which I confirm still works with v11 .msi installers by the way). If this is possible I

Edited October 26, 2017 by coch

[Marcos 4,919]

Could you please elaborate more on the use-case scenario?

[coch 5]

Well, it's not a very elaborate use case, I just like installers of software that I use to have silent install switches, that's all.

This is what allows me to reformat, reinstall Windows, and run a batch file that I wrote which installs all drivers and software that I use silently and unattended. I like to reformat/reinstall Windows frequently (roughly every month or so), and this makes the difference between a 20 minute operation (silent, automated installs) and a few hours of manually installing and configuring all software.

Edited October 26, 2017 by coch

[coch 5]

So, anyone knows of silent install switches for installing using the regular .exe installer (not the .msi installer)?

[NBPC 1]

I to am having the issue with installing Version 11 Nod32 in unattended mode.

As a system builder we use ESET exclusively. Systems are prepped for shipment with a logon script that installs the apps into the end user profile at first login. The last being the ESET ready to accept the license key or start a trial

We have used the script method below for years, though in the last 4-5(??) years we had to grab the MSI from the temp folder after the MSI files were no longer downloadable.

::Installing Eset AntiVirus
msiexec.exe /i %windir%\Factory\Apps\ESET\ehs_nt64_enu.msi /qb! REBOOT="ReallySuppress" ADMINCFG="%windir%\Factory\Apps\ESET\Config.xml"

Starting with version 11 the following error occurs

Could not write value ProductACode to key \Software\ESET\ESET Security\CurrentVersion\Info.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.

To test, installing from the EXE in interactive mode does not cause the issue and installs without an error.

So I'm guessing a value needs passed with the msiexec command but not sure at this point what that is.

ESET has never provided an OEM method of installing and though I have spoken to sales team about this I have always had to come up with a scripting method. It would be great to be provided official OEM preinstall tools but will definitely settle for the value that needs passed with the MSI install

Any input form admins or users that have worked this out would be greatly appreciated and I will look into method proposed by "Coch" 

 

Edited November 20, 2017 by NBPC

[Marcos 4,919]

Home version does not support installation using msi file; there are operations that can only be performed by the bootstrapped executable which is mainly the reason for not providing msi installers for consumer products.

[novice 20]

On ‎10‎/‎26‎/‎2017 at 9:48 AM, coch said:

I like to reformat/reinstall Windows frequently (roughly every month or so)

What about restoring an image , rather than reformat/reinstall? Restoring an image is a 7 min operation.

[Marcos 4,919]

Use the bootstrapped exe installer and the following parameters:

--silent --accepteula

[NBPC 1]

Marcos

will the  -  or /  ADMINCFG= %path%/config.xml arguments also pass as before?

[NBPC 1]

I tried to use the switches suggested by Marcos on the exe and on the msi just to be sure.

There was no effect on the exe and the msi just threw up the options windows for msiexec.

Here is a work around that works well for my needs - use this at your own risk

Create a registry file to inject the values needed BEFORE using the msi install method.

This was created using a sample exe installation in normal interactive mode,  and exporting HKLM\\Software\ESET\ESET Security\CurrentVersion\Info

It took a little testing to trim down the keys to the bare minimum that had to be in place to allow the install to work silently and without error.

One value of concern was the "ProductVersion"="xx.xx.xx" but I found this was not needed so this should work thru the 11.xx versions - 

Here is the final registry key. I named mine "eavsilent.reg", adjust to your file naming methods accordingly. 

------------------------------------------------------------------------------------------------------------------------------------

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info]

"ProductACode"=dword:0000006a
"ProductACodeStr"="com.eset.apps.home.security.windows"
"ProductBase"=dword:00000000
"ProductType"="eav"
"ProductName"="ESET NOD32 Antivirus"

------------------------------------------------------------------------------------------------------------------------------------

So now the heart of the final working script is like this

::Installing Eset AntiVirus
reg import %your_path%\eavsilent.reg
msiexec.exe /i %your_path%\ehs_nt64_enu.msi /qb! REBOOT="ReallySuppress" ADMINCFG="%your_path%\Config.xml"

Perhaps one day ESET will supply the OEM markets (hopefully with a "Provided by" branding insert) with a supported solution for the partner deployments

[coch 5]

@NBPC, thanks a lot, much better than my approach of hacking the .msi installer file using Orca, and I confirm this also works perfectly for me (it also seems to resolve a few minor issues I was having).

[Marcos 4,919]

Please do not use msi installers to install consumer products, otherwise you may encounter unforeseeable issues, e.g. with uninstallation. No technical support will be provided by customer care for issues with hacked msi installers.

Instead run the bootstrapped exe installer as follows:

eis_nt64_ENU.exe --silent --accepteula --language 1034

[NBPC 1]

@ Marcos

You are offering the switches for unattended installs using the EXE file but you have not responded to "coch's" question - Is there a switch to incorporate the preconfigured settings, similar to the /ADMINCFG=cfg.xml using the EXE method you posted.

Without the ability to preload settings the silent install I'm my case is of little value.

For me, the whole point is to script a preconfigured package that leaves the end user the ability to enter a license key or begin a trial with all recommended settings preset at first login

The MSI method does this. The MSI is extracted, not hacked, and ESET will uninstall or repair cleanly and without errors.

The method to achieve this can be EXE or MSI - we just need ALL the switches to be documented or posted if ESET prefers the EXE method as they did the MSI methods years ago

OR > If ESET would build an OEM installer with the ability to add a "Provided by %companyname%" and a small graphic spot for a company logo (Similar to Microsoft OEM) - That would be fantastic!!!  

 

[Proactive Services 11]

16 hours ago, NBPC said:

For me, the whole point is to script a preconfigured package that leaves the end user the ability to enter a license key or begin a trial with all recommended settings preset at first login

Just to add a voice, this is the precise reason I have to hack out the MSIs. If I had to configure Eset to my home clients manually each time I'd have to charge them more or go elsewhere :-(

[Marcos 4,919]

There's a solution for you; just run:

eis_nt64_ENU.exe --silent --accepteula --language 1034 --msi-property  ADMINCFG="%path_to_the_cfg_xml%"

[coch 5]

Thanks @Marcos this is very helpful and thanks @NBPC for following-up.

I will try those switches tonight and if it works as intended this resolves by issue on my end.

(And just to clarify, my initial workaround was to modify the .msi file, but later on based on NBPC's findings a registry method could be used without having to touch the .msi file and this was my preferred approach.

 

Looks like if everything works as described by Marcos I won't have to use the .msi anymore as the .exe installer will do everything I want (silent install and pre-configuration).

[coch 5]

Sorry it took me so long to test this, but

--silent --accepteula --language 1034 --msi-property  ADMINCFG="%path_to_the_cfg_xml%"

does not work for me when using the .exe installer.

The NOD32 install does start (as confirmed by seeing the process in Task Manager) and is silent, but appears to end prematurely and silently (without error message) adter about 10 seconds), and NOD32 does not get installed.

C:\Program Files\ESET\ESET Security only contains eula.rtf, eula.html and a "help" folder, but nothing else.

So, back to the .msi method for me, as this one works.

 

EDIT: and before someone asks, obviously yes I did replace the ""%path_to_the_cfg_xml%"" with my actual path

Edited December 16, 2017 by coch

[NBPC 1]

I to have tested this method as stated directly from Marcos

eav_nt64.exe --silent --accepteula --language 1034 --msi-property  ADMINCFG="%path_to_the_cfg_xml%"

current version 11.159 is now named EAV_NT64.exe again

I have the exact same behavior as COCH with the process starting but only the eset security folder and the eula bits and pieces 

Back to working MSI install methods again

Hopeful but yet another fail -  OEM builders need automation to be truly unattended installs and configuration  

 

Edited January 7, 2018 by NBPC

[Proactive Services 11]

I've found that if the ADMINCFG path has spaces (even if quoted) it fails - without the spaces I have a successful install with the following CLI parameters:

--accepteula --language 1034 --msi-property ADMINCFG="%windir%\Temp\Eset-config.xml"

 

[Marcos 4,919]

On 12/16/2017 at 5:20 AM, coch said:

--silent --accepteula --language 1034 --msi-property  ADMINCFG="%path_to_the_cfg_xml%"

does not work for me when using the .exe installer.

Please let us know the actual path that you used as %path_to_the_cfg_xml%. Couldn't it be the issue with spaces in the path that was mentioned above?

[NBPC 1]

This is very frustrating - I feel as though I am missing something obvious but still no joy

I am trying to break down the problem to its simplest level till it works them move up from there but still cannot get it to go

I am not even worrying about the admin config right now since I cannot get an install without all the usual prompts

Here is were I am at right now.

downloaded newest eav_nt64.exe (11.159) and dropped in into windows temp

with a elevated command prompt open and in the windows temp folder I type

eav_nt64.exe --silent --accepteula --language 1033 - US English is 1033

From same folder I typed the full absolute path C:\Windows\Temp\eav_nt64.exe --silent --accepteula --language 1033

Still no joy - the installer starts to run, creates the eset security folder and the eula bits and pieces then just quits

I though there may be a permission issue going on with windows temp folder so I did try a first users profile download folder to verify it is not an issue like that - still no joy

I also want to verify the -- double dash is not being converted with language controls here - I have never seen double dashes - single dash and forward slash yes but not double dash.  Just want to verify this

Still looking for answers

Edited January 11, 2018 by NBPC

[coch 5]

On 1/10/2018 at 5:27 PM, Marcos said:

Please let us know the actual path that you used as %path_to_the_cfg_xml%. Couldn't it be the issue with spaces in the path that was mentioned above?

Unfortunately, no there were no spaces. My command line was:

eav_nt64.exe --silent --accepteula --language 1034 --msi-property  ADMINCFG="%D:\Reformat\Programs\ESET-NOD32-v11-Config.xml%"

Although I also tried:

eav_nt64.exe --silent --accepteula --language 1034 --msi-property  ADMINCFG=%D:\Reformat\Programs\ESET-NOD32-v11-Config.xml%

(without the quotes as I wasn't sure if these should be included or not, usually not required unless there are spaces in the path, although even without spaces having quotes isn't an issue normally)

 

eav_nt64.exe --silent --accepteula --language 1034 --msi-property  ADMINCFG="D:\Reformat\Programs\ESET-NOD32-v11-Config.xml"

(without the % symbols that were in your example; again, I wasn't sure if these were needed or not, I usually don't see % other than for environment variables to be expanded)

 

eav_nt64.exe --silent --accepteula --language 1034 --msi-property  ADMINCFG="%D:\Reformat\Programs\cfg.xml%"

(with a shorter file name, just in case there's some legacy 8 character limitation)

 

eav_nt64.exe --silent --accepteula --language 1034 --msi-property ADMINCFG="%D:\Reformat\Programs\ESET-NOD32-v11-Config.xml%"

(single space between property and ADMINCFG, in this this was a typo)

 

eav_nt64.exe -silent -accepteula -language 1034 -msi-property  ADMINCFG="%:\Reformat\Programs\ESET-NOD32-v11-Config.xml%"

(single dashes instead of double dashes, because, as NBPC mentioned, double dashes for command lines are unusual).

 

I tried all those variants above and the outcome was either a complete failure to accept the command line arguments/switches (no install at all), or an incomplete install (just the EULA files...) as I mentioned in my previous message.