Jump to content

ESET Uninstaller


ronmanp

Recommended Posts

Hi, 

Has anyone been able to programmatically run the ESET uninstaller tool? We have a large amount of computers and since that tool needs to run in safe mode it is quite a challenge to automate. 

Thank you 

Link to comment
Share on other sites

  • Administrators

The uninstall tool serves as a last resort in case that standard uninstallation procedure fails. It must be run in safe mode since in normal mode ESET processes, self-defense as well as drivers are running.

Link to comment
Share on other sites

  • Administrators
1 minute ago, ronmanp said:

Unfortunately for us last resort is hundreds of machines that refuses to either uninstall or upgrade to a newer build. 

The best would be to find out why the standard uninstall is failing which could help us suggest the best / most effective procedure how to proceed.

Run:

msiexec /uninstall "C:\ProgramData\ESET\ESET Security\Installer\ees_nt64.msi" /lvx* uninstall.log

If uninstallation fails, please provide uninstall.log.

Link to comment
Share on other sites

This command works if you don't attempt to upgrade first. Once we attempt to upgrade and it fails the only option we have is to use the Uninstaller Tool. Sounds like we'll have to script the removal, restart and then installation of the latest build just to upgrade. 

That's not just an isolated case, we can repro on a newly imaged machine upgrading from ESET Endpoint Antivirus 8.0 to 8.1. 

Link to comment
Share on other sites

  • 2 months later...
  • Administrators

The question is how you initially installed Endpoint (via a software install task, GPO, manually, etc.) and also if you performed upgrade in the same way in case you initially installed via GPO.

Link to comment
Share on other sites

It's a recurring problem that has never been resolved despite hours spent with ESET premium support. We are moving away from ESET because it's not worth the effort anymore. 

Link to comment
Share on other sites

  • Administrators
34 minutes ago, ronmanp said:

It's a recurring problem that has never been resolved despite hours spent with ESET premium support. We are moving away from ESET because it's not worth the effort anymore. 

Please answer my question above. If you install MSI via various ways (GPO, push installation, logon scripts), you will most likely have issues with any software since the issue stems from how Windows Installer works.

Link to comment
Share on other sites

We use SCCM. So it installs using MSIEXEC running as SYSTEM. We have roughly 700 applications in SCCM and can confirm that ESET is the one giving us the most trouble. Unfortunately that's not just how Windows Installer is supposed to work. 

We did work with ESET premium support but with little success hence our decision to change product. 

Link to comment
Share on other sites

we are experiencing this as well when upgrading endpoints to version 9. This is EXREMELY frustrating. We never had this problem with upgrading from 7.x to 8.x. Two weeks ago we upgraded our PROTECT server to version 9, and then we upgraded the Agent across the endpoints. Now we are upgrading endpoints to version 9 (most are on 7.3.2044.0 but many are on 8.1) and several of them are failing, and when the machine checks back in, there is NO antivirus installed at all - only the Agent.

After working with a support tech they instructed me that we have to reboot the machine in Safe Mode and then run the esetuninstaller command line tool, and remove both the Agent and the leftover BS from Endpoint Antivirus, and then reboot, and then reinstall ESET all over again. Now because everyone is working remotely this is actually BRICKING some machines, as now we are running into situations where the user goes into Safe Mode (even though we try Safe Mode with Networking it's not able to connect to Internet) and now they are stuck in Safe Mode loops as msconfig cannot save the setting to go back into normal mode -so they literally cannot use their machine anymore. I just spent the last hour troubleshooting this with a user and we are having to have her drive her laptop in since her machine is unusable now. Luckily she isn't far from our HQ but if this happens to people working in remote offices we are screwed since this effectively leaves the machines totally unprotected.

This never happened to us when we upgraded machines from 7.x to 8.1 - this only started happening with upgrading to version 9. This is a total disaster to deal with since users don't even have local admin rights, so we have to either connect to them first and reset the local admin password to something we can tell them, or elevate their rights to local admin, but then we still are experiencing the Safe Mode loop since Windows 10 can't seem to figure out how to boot into Safe Mode with Networking. And of course we have to talk through explaining to non-technical users how to find the esetuninstaller tool and run it, since we have no remote access or screen sharing in Safe Mode. This situation has left me scared and not wanting to upgrade any more machines to version 9 which is not a good place to be in. I love ESET but this stuff is killing it for us and makes it hard to remain a customer. The amount of time it's taking us to troubleshoot these issues is too much. If everyone were onsite it would not be nearly the challenge that it is with everyone being remote, and it these upgrades fail for VP or C level people and we have to walk them through having them log into Safe Mode it will be a disaster.

Maybe version 9 isn't ready yet??

Link to comment
Share on other sites

  • Administrators

Did you upgrade agent by sending an ESET PROTECT component upgrade task?

Did you initially install Endpoint via a software install task from ESET PROTECT? Did you upgrade it by sending a software install task?

Link to comment
Share on other sites

we upgraded the previous Agent (which was version 8 ) by using a Component Upgrade task from the PROTECT server. The agents have been upgrading fine to version 9. The problem is upgrading Endpoint Antivirus from version 7.3.x or 8.1 to version 9. Most of the upgrades I have been doing have been from the machine details using the Installed Applications -> Update ESET Products and then choosing the latest version from the selection list. Another colleague of mine has been upgrading groups of machines using a software install task from PROTECT. Initially, ESET was most likely installed using Ivanti task - which is our asset management software via the Ivanti agent which is on all PCs. We use the all-in-one installer for that so it installs both Agent and Endpoint. Now we are scared to upgrade any systems.

Link to comment
Share on other sites

We are transitioning to SCCM so we will probably start deploying ESET to new machines using SCCM soon instead of Ivanti - we don't use GPO to deploy

Link to comment
Share on other sites

  • Administrators
13 minutes ago, MarkR said:

ESET was most likely installed using Ivanti task - which is our asset management software via the Ivanti agent which is on all PCs.

That could be the cause of issues. The way of deployment must not be mixed, ie. using a deployment tool - Ivanti, SCCM or GPO, mixed with installation via a software install task (equal to manual installation using msi).

You can deploy agent via GPO, Ivanti, SCCM, etc.  and then upgrade to newer versions via a component upgrade task.

As for Endpoint, if you install it via a software install, use a software install task also for upgrade (do not use Ivanti, SCCCM, etc). However, we recommend enabling automatic program updates which are performed in a controlled safe manner (with a 1-2 month delay after the release, you can specify at which version updates will stop, etc.).

Link to comment
Share on other sites

I will repeat in that this never happened until we started upgrading to version 9.

And this should be more clearly specified by ESET if we are not supposed to deploy Endpoint with one method (like GPO or Ivanti) and then continue to maintain is via ESET Server via upgrade tasks..how the heck are customers supposed to know that??

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...