/build/static/layout/Breadcrumb_cap_w.png

ESET, spol. s r.o. ESET NOD32 Antivirus

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login
Views: 1.6k  |  Created: 02/19/2020 by: Drave

Average Rating: 0
ESET NOD32 Antivirus has 1 inventory records, 0 Questions, 0 Blogs and 0 links. Please help add to this by sharing more!

Deployment Tips (1)

Most Common Setup Type
Windows Installer (Delivered as an EXE)
Average Package Difficulty Rating
Rated 1 / 5 (Very Easy) based on 1 ratings
Most Commonly Reported Deployment Method
Windows Installer Command Line (No MST)
0
Script

Due to a bug in ESET we had to push a fix out. I ran into some issues with deploying this fix with software deployment, using powershell scripts, using their remote deployment tool, and even using the management console.

This is how I made it work on Workstations. This should not be used on productions servers. Update those manually, or use at your own risk.

The packages they provide come in the form of an EXE. These EXE's will execute a string of commands including adding registry entries and likely manipulating settings in the ESET system.

The package also extracts an MSI and leaves a log file at the point of execution. Unfortunately from my experience these files don't get deleted and just lay there to rot.

Due to this I created a script to verify the update was successfully installed then move the log file to an expected location and delete the kscript files that are no longer required.

Fairly basic, but thought it might save someone some time. I'll note that the EXE for some reason is returning the process as failed, despite having successfully finished. I suspect this is due to it wanting to reboot, but being told not to.

The script I made will be at the bottom, you do need to set where you want logs to go on lines 26 and 28. My kscript was setup as follows.

Initial Note: I created individual setups for 32-bit and 64-bit OS. Probably logic available to handle that, but this is easy enough.

  • Dependencies:
    • eea_nt64_enu.exe
    • eea_nt32_enu.exe
    • Cleanup-ESETFix.PS1 (The powershell script below.)
  • Verify Registry value is exactly (To verify the script hasn't already been run, not that important really, but saves on any accidental re-runs.)
    • Key:  HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info
    • Name: ProductVersion
    • Equal To: 5.0.2272.7
  • Remediation (Run the actual fix)
    • Launch A Program...
      • Directory: $(KACE_DEPENDENCY_DIR) 
      • File: eea_nt64_enu.exe 
      • Wait: checked
      • Visible: unchecked
  • On Remediation Failure (because it literally always says fail even on a successful fix)
    • Directory: C:\Windows\Sysnative\WindowsPowershell\v1.0
    • File: Powershell.exe
    • Wait: Checked
    • Visible: Unchecked
    • Parameters: -nologo -executionpolicy bypass -file $(KACE_DEPENDENCY_DIR)\Fix-EsetAVv5.ps1


<# Fix-ESETAVv5.ps1

   .SYNOPSIS
      Verifies Eset update was applied and then deletes kscript files upon verification.
   .DESCRIPTION
      Checks registry entries to verify that ESET fix was successfully installed then clears out any kscript files that remain.
   .EXAMPLE
      C:> Fix-ESETAVv5.ps1
   .NOTES
      Additional Notes
      Author: Drave
      Date of Update: 2/19/20
      Version: 1.0
      Appears in -Full
   .LINK
      Link to information about this script or a function/class/etc within script.
#>

# To Determine OS Version and architecture
$version = (([Environment]::OSVersion))
$major = $version.version.major
$minor = $version.version.minor
$Arch = $ENV:PROCESSOR_ARCHITECTURE

If ($Arch -like "*AMD64*"){
   $ErrorLogPath = <Replace with x64 log path and surround in quotes>
} ELSE {
   $ErrorLogPath = <replace with x86 log path and surround in quotes>
   If (!(Test-Path $ErrorLogPath)){
      New-Item -Path $ErrorLog -Type Directory -Force
   }
}

$ErrorFilename = "EEA_v5_Fix" # give a name to the file.
$ErrorCode = 0

function log-it($text){
   Write-Host $text
   Add-Content -Value $text -Path $errorlog
}

Function Test-Reg($NEPath,$RegProp,$RegVal){
   $ErrorCode += .1
   #Verify the path to the registry key exists.
   if (!(Test-Path $NEPath)){
      Log-It "$NEPath didn't exist. ErrorCode:$ErrorCode"
      Exit $ErrorCode
   }
   $Key = Get-Item -Path $NEPath
   $ErrorCode += 0.1
   #Verifys the property exists
   if ($Key.getValue($RegProp, $Null) -ne $null){
      $RegCurrentVal = Get-ItemProperty -Path $NEPath -Name $RegProp
      $ErrorCode += 0.1
      # Verify the value of the property.
      If ($RegVal -eq $($RegCurrentVal.$RegProp)){
         Log-It "$RegProp`: $($RegCurrentVal.$RegProp) is correct."
         Return $True
      } ELSE {
         Log-It "$RegProp`: $($RegCurrentVal.$RegProp) was not correct. A failure in deploying the ESETv5 fix is likely. ErrorCode: $ErrorCode"
         #Exit $errorCode
      }
   } ELSE {
      Log-It "$RegProp was not found, likely a failure in the fix deployment. ErrorCode: $ErrorCode"
      #Exit $ErrorCode
   }
}

# Sets error log filename and file path.
$ErrorFile = "$ErrorFilename.$(get-date -Format hh.mm.MMddyyyy).log" 
$errorlog = "$ErrorLogPath\$ErrorFile"
if (!(Test-Path $ErrorLog)){
   New-Item -Path $ErrorLogPath -name $ErrorFile -ItemType "file"
} Else {
   $ErrorFile = "$ErrorFilename.$(get-date -Format hh.mm.ss.MMddyyyy).log"
   $ErrorLog = "$ErrorLogPath\$ErrorFile"
   if (Test-Path $ErrorLog){
      test-connection 127.0.0.1 -Count 4
      $ErrorFile = "$ErrorFilename.$(get-date -Format hh.mm.ss.MMddyyyy).log"
      $ErrorLog = "$ErrorLogPath\$ErrorFile"
   }
}

Log-It "Creating Scriptdir variables"
# Script location
$ScriptPath = $MyInvocation.MyCommand.Path
$ScriptDir = Split-Path $ScriptPath

Log-It "Setting reg variables"
# Registry working location
$HKESET = "HKLM:\SOFTWARE\ESET"

# Test if the hotfix created first reg entry.
$ErrorCode = 1
If(Test-Reg -NEPath $HKESET -RegProp "Hotfix50_20200207I" -RegVal "8"){
   Log-It "Hotfix registry entry 1 found. Moving to next check"
}

# Test if the hotfix created second reg entry.
$ErrorCode = 2
If (Test-Reg -NEPath $HKESET -RegProp "Hotfix50_20200207M" -RegVal "2"){
   Log-It "Hotfix registry entry 2 found. Moving to next check"
}

# Test if ESET has actually been updated.
$ErrorCode = 3
If (Test-Reg -NEPath "$HKESET\ESET Security\CurrentVersion\Info" -RegProp "ProductVersion" -RegVal "5.0.2272.7"){
   Log-It "Version 5.0.2272.7 of ESET found. Fix was successful. Now running cleanup."
}

# Once the update has been verified delete the move log files to the typical central log store on the computer and cleanup kscript files.
Move-Item -Path "$ScriptDir\msi-fix-log*.log" -Destination $ErrorLogPath -Force
CD "$ScriptDir\.."
Remove-Item -Path "$ScriptDir" -Force -Recurse

If ($Arch -like "*AMD64*"){
   & 'C:\Program Files (x86)\Quest\KACE\runkbot.exe' 4 0
} ELSE {
   & 'C:\Program Files\Quest\KACE\runkbot.exe' 4 0
}
Setup Information:
Setup Type: Windows Installer (Delivered as an EXE)
Deployment Method Used: Windows Installer Command Line (No MST)
Deployment Difficulty: Very Easy
Platform(s): Windows

Inventory Records (1)

View inventory records anonymously contributed by opt-in users of the K1000 Systems Management Appliance.

Versions

ESET NOD32 Antivirus

Version

5.0.2272.7

Questions & Answers (0)

Questions & Answers related to ESET, spol. s r.o. ESET NOD32 Antivirus

Blogs (0)

Blog posts related to ESET, spol. s r.o. ESET NOD32 Antivirus

Reviews (0)

Reviews related to ESET, spol. s r.o. ESET NOD32 Antivirus

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ