Jump to content

Mac OS High Sierra fully patched (10.13.4) ESET endpoint AV install fails


Recommended Posts

Have tried both deployment from Remote administrator server and local install with different results.

From Remote Administrator server the install completes and warning from MacOS appears so I can enable the extensions that are blocked.  Following this ESET Antivirus starts (observed in activity monitor) but no icon appears in top status bar. After approx 2 mins ESET process in not responding and needs to be force quit.

From local installation at the end it states:

"The installation failed. The installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance"

I can't find anything to indicate what fails though I do get one error in the system log which I believe to be the extension blocking but I get no prompt to enable it with the downloaded installer.

"esets[854]: error[03560000]: ESET Daemon: Command kextload failed. error:0x00"

 

Any help greatly appreciated.

Link to comment
Share on other sites

Some additional information after a reboot I get the following log entry

kextd        Kext rejected due to insecure location: <OSKext 0x7fcb91489120 [0x7fffb10bdaf0]> { URL = "file:///Library/StagedExtensions/Applications/ESET%20Endpoint%20Antivirus.app/Contents/PlugIns/kext/eses_mac_64_109.kext/", ID = "com.eset.kext.esets-mac" }

 

Link to comment
Share on other sites

Thanks,  I have sent in a new support request as detailed above with the forum topic in the description.  As of yet (about 10 mins after submitting) I haven't received a reference or confirmation email though

Link to comment
Share on other sites

@mattfippard I'm seeing same problem on my systems — two of iMac Pro fail to load this extension, while iMac 5k works perfectly fine. All of the systems on macOS 10.13.5. What's your systems? Did you find a solution?

Link to comment
Share on other sites

@aleksb  I still have the one that this simply will not run on however I have set up a new machine since then and ESET has installed correctly, however I hadn't applied the 2018.1 patch prior to installing the AV software.  I don't really have any test systems to try this theory out on and I'm still awaiting reply from the logged issue.

Link to comment
Share on other sites

@mattfippardwhich systems do you have issue on? what os? I'm on latest high sierra with all latest updates and problem started after upgrading to the 6.6.800.1 of eset for business.

Link to comment
Share on other sites

@aleksb I had problems with the previous ESET version 6.6.600.1 and with High Sierra 10.13.4 onwards.  As I said above I did manage to get an install to work before applying the 2018.1 patch from Apple (the meltdown/spectre patch??).

This seems like it could be a false positive though and may have stemmed from the reboot operation for the patch co-inciding with the install for ESET and the extension enabling process.  I'm still working with an older MacBook Air that I have found to test with and if I can replicate I'll post my findings.

Link to comment
Share on other sites

@mattfippard  Could you please run following command in the terminal and post output here?

kextstat | grep eset
sudo kextutil -verbose /Library/StagedExtensions/Applications/ESET\ Endpoint\ Security.app/Contents/PlugIns/kext/esets_mac_64_109.kext

 

Wondering if you ran into same issue as I'm seeing. 

Edited by aleksb
Link to comment
Share on other sites

@aleksb Output of command is below

:~ $ sudo kextutil -verbose /Library/StagedExtensions/Applications/ESET\ Endpoint\ Antivirus.app/Contents/PlugIns/kext/esets_mac_64_109.kext
Defaulting to kernel file '/System/Library/Kernels/kernel'
Notice: /Library/StagedExtensions/Applications/ESET Endpoint Antivirus.app/Contents/PlugIns/kext/esets_mac_64_109.kext has debug properties set.
Kext rejected due to insecure location: <OSKext 0x7fad086126f0 [0x7fffb0139af0]> { URL = "file:///Library/StagedExtensions/Library/StagedExtensions/Applications/ESET%20Endpoint%20Antivirus.app/Contents/PlugIns/kext/esets_mac_64_109.kext/", ID = "com.eset.kext.esets-mac" }
Kext rejected due to insecure location: <OSKext 0x7fad086126f0 [0x7fffb0139af0]> { URL = "file:///Library/StagedExtensions/Library/StagedExtensions/Applications/ESET%20Endpoint%20Antivirus.app/Contents/PlugIns/kext/esets_mac_64_109.kext/", ID = "com.eset.kext.esets-mac" }
Diagnostics for /Library/StagedExtensions/Applications/ESET Endpoint Antivirus.app/Contents/PlugIns/kext/esets_mac_64_109.kext:
Warnings:
    Dependency lacks appropriate value for OSBundleRequired and may not be available during early boot:
        com.apple.iokit.IOSerialFamily - Safe Boot

So looking at that even though I accepted the loading of it, it still gets rejected.  Is there a way to remove the trust and let it prompt again?

Link to comment
Share on other sites

2 hours ago, mattfippard said:

Is there a way to remove the trust and let it prompt again?

Yes, it's KB6570.

I've actually followed it and it was helpful, but did not fix my problem.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...