Cap-it 0 Posted December 14, 2018 Share Posted December 14, 2018 So I'm moving over from an on prem AV server solution to the ESET cloud based business av solution and I'll be reinstalling the AV along with a new remote admin agent on all computers. Currently our agent is 6.5.5. I was able to uninstall the AV product but when I try to uninstall the Admin Agent it asks for a password. My predecessor had not documented the initial password before he left the company. Is there a way I can change the password in the Local Admin Console? I'm not familiar with ESET products. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,704 Posted December 15, 2018 Administrators Share Posted December 15, 2018 If the agent still connects to your ERA/ESMC server, remove or change the password via an agent policy prior to uninstall the agent: Link to comment Share on other sites More sharing options...
Cap-it 0 Posted December 21, 2018 Author Share Posted December 21, 2018 Thanks, it's all working now. Link to comment Share on other sites More sharing options...
Guest sindbad Posted December 24, 2018 Share Posted December 24, 2018 Or use revo uninstaller. Just did it and it worked. I wanted to uninstall it through control panel, it was asking for a password. I tried with revo uninstaller and it did remove the agent, without asking for any password. Isnt this a security flaw? Shouldnt this be fixed? @Marcos Link to comment Share on other sites More sharing options...
ESET Staff MartinK 375 Posted December 25, 2018 ESET Staff Share Posted December 25, 2018 20 hours ago, sindbad said: Isnt this a security flaw? Shouldnt this be fixed? @Marcos Agent is protected by ESET security product installed on the same device. Was there any installed? If so, was HIPS module enabled? Link to comment Share on other sites More sharing options...
Guest sindbad Posted December 25, 2018 Share Posted December 25, 2018 Eset security was installed. I removed eset security first. I could not remove agent because it was asking for a password by uninstall. Hips mode was enabled. Revo removed it without asking for a password. Link to comment Share on other sites More sharing options...
ESET Staff MartinK 375 Posted December 27, 2018 ESET Staff Share Posted December 27, 2018 On 12/25/2018 at 9:43 PM, sindbad said: Eset security was installed. I removed eset security first. I could not remove agent because it was asking for a password by uninstall. Hips mode was enabled. Revo removed it without asking for a password. It is crucial that ESET product is installed, otherwise nothing is actually protecting AGENT from users with administrative privileges. Password protection is custom feature of our uninstaller (it is not feature of msiexec / windows) so it is effective only when our uninstaller is used -> this is enforced by self-defense of ESET security product. In short: in case ESET security product is not installed, or it is not running properly (i.e. disabled HIPS), AGENT is not protected and thus anyone with administrative privileges can simple stop it, or completely remove. Link to comment Share on other sites More sharing options...
Recommended Posts