Steve_P 1 Posted November 5, 2020 Posted November 5, 2020 So i'm currently using AIO ESET Endpoint Antivirus & File Security installers generated by our ESMC, deployed via our RMM (Datto) to PCs without AV/with EndPoint 6.x/Sophos, depending the state of the site. For no good reason at all, it will sometimes come back as failed, with an event log in Windows with something similar to the following sample; Faulting application name: ESEP_Installer_x64_en_US_73lic.exe, version: 10.7.29.0, time stamp: 0x5e6b34e5 Faulting module name: sciter-x.dll, version: 11.0.26.0, time stamp: 0x5c6d4493 Exception code: 0xc0000005 Fault offset: 0x00003cd6 Faulting process id: 0x1894 Faulting application start time: 0x01d6b2909659b6d2 Faulting application path: C:\windows\TEMP\eset\bts.session\{02D83BBE-BFAF-C819-A3F6-0BC8DD3A3AD9}\ESEP_Installer_x64_en_US_73lic.exe Faulting module path: C:\windows\TEMP\eset\bts.session\{02D83BBE-BFAF-C819-A3F6-0BC8DD3A3AD9}\sciter-x.dll Report Id: 703b059a-f5e1-4e36-94bd-d41c635823bf Faulting package full name: Faulting package-relative application ID: when reran on the machine it will either be absolutely fine/ crash after after the agent install/get the agent and endpoint on successfully *THEN* do the above and count as a fail. It did the latter in the above instance I have plenty where it installs fine. I haven't spotted particular hardware it fails on (i've experienced it with VMs) i've seen it on server (File Security) and desktop deployments. It has occurred on PCs with and without existing ESET products The RMM runs it as NT AUTHORITY\SYSTEM which is only thing it might not like, but i read earlier on today that scheduled tasks by ESMC are done with as this anyway so the result would be the same surely? I have not had any issues when running the execute manually without any switches however. bootstrapper_20201105133253.log
Administrators Marcos 5,740 Posted November 5, 2020 Administrators Posted November 5, 2020 We'll probably need a WER application dump from the crash. Please configure WER to generate full dumps as per https://docs.microsoft.com/en-us/windows/win32/wer/collecting-user-mode-dumps and reproduce the crash, then provide us with the generated dump in a zip file.
ESET Staff Solution MartinK 384 Posted November 5, 2020 ESET Staff Solution Posted November 5, 2020 From logs it seems that version of all-in-one installer you are using is 2.0.45.0 which is fairly old, and in the meantime we released few versions, including version 2.0.48.0 which targeted multiple installer crashes, occuring especially when silent deployment was used. I would recommend to re-download installer from ESMC console, it should be automatically using latest version as it is downloaded from ESET repository servers. Version can be verified in executable's file properties, just to be sure.
Steve_P 1 Posted November 16, 2020 Author Posted November 16, 2020 Thank you MartinK, we've not any more logged like this since using the later build.
Recommended Posts