Steve_P 1 Posted November 5, 2020 Share Posted November 5, 2020 So i'm currently using AIO ESET Endpoint Antivirus & File Security installers generated by our ESMC, deployed via our RMM (Datto) to PCs without AV/with EndPoint 6.x/Sophos, depending the state of the site. For no good reason at all, it will sometimes come back as failed, with an event log in Windows with something similar to the following sample; Faulting application name: ESEP_Installer_x64_en_US_73lic.exe, version: 10.7.29.0, time stamp: 0x5e6b34e5 Faulting module name: sciter-x.dll, version: 11.0.26.0, time stamp: 0x5c6d4493 Exception code: 0xc0000005 Fault offset: 0x00003cd6 Faulting process id: 0x1894 Faulting application start time: 0x01d6b2909659b6d2 Faulting application path: C:\windows\TEMP\eset\bts.session\{02D83BBE-BFAF-C819-A3F6-0BC8DD3A3AD9}\ESEP_Installer_x64_en_US_73lic.exe Faulting module path: C:\windows\TEMP\eset\bts.session\{02D83BBE-BFAF-C819-A3F6-0BC8DD3A3AD9}\sciter-x.dll Report Id: 703b059a-f5e1-4e36-94bd-d41c635823bf Faulting package full name: Faulting package-relative application ID: when reran on the machine it will either be absolutely fine/ crash after after the agent install/get the agent and endpoint on successfully *THEN* do the above and count as a fail. It did the latter in the above instance I have plenty where it installs fine. I haven't spotted particular hardware it fails on (i've experienced it with VMs) i've seen it on server (File Security) and desktop deployments. It has occurred on PCs with and without existing ESET products The RMM runs it as NT AUTHORITY\SYSTEM which is only thing it might not like, but i read earlier on today that scheduled tasks by ESMC are done with as this anyway so the result would be the same surely? I have not had any issues when running the execute manually without any switches however. bootstrapper_20201105133253.log Link to comment Share on other sites More sharing options...
Administrators Marcos 5,070 Posted November 5, 2020 Administrators Share Posted November 5, 2020 We'll probably need a WER application dump from the crash. Please configure WER to generate full dumps as per https://docs.microsoft.com/en-us/windows/win32/wer/collecting-user-mode-dumps and reproduce the crash, then provide us with the generated dump in a zip file. Link to comment Share on other sites More sharing options...
Steve_P 1 Posted November 5, 2020 Author Share Posted November 5, 2020 Cheers Marcos, will do! Link to comment Share on other sites More sharing options...
ESET Staff Solution MartinK 378 Posted November 5, 2020 ESET Staff Solution Share Posted November 5, 2020 From logs it seems that version of all-in-one installer you are using is 2.0.45.0 which is fairly old, and in the meantime we released few versions, including version 2.0.48.0 which targeted multiple installer crashes, occuring especially when silent deployment was used. I would recommend to re-download installer from ESMC console, it should be automatically using latest version as it is downloaded from ESET repository servers. Version can be verified in executable's file properties, just to be sure. Link to comment Share on other sites More sharing options...
Steve_P 1 Posted November 16, 2020 Author Share Posted November 16, 2020 Thank you MartinK, we've not any more logged like this since using the later build. Link to comment Share on other sites More sharing options...
Recommended Posts