Community
Updating portable viewer from 6.10 to 7.x and other bits of info neede
Links used in this discussion
- https://www.remoteutilities.com/support/docs/updating-remote-utilities/#Updating_Portable_Viewer
- https://www.remoteutilities.com/support/kb/how-do-i-migrate-ru-server-self-hosted-server-to-another-pc/#
- https://www.remoteutilities.com/support/docs/about-msi-configurator/#Step_4:_Settings_update
- https://www.remoteutilities.com/support/docs/installing-and-uninstalling/
- https://www.remoteutilities.com/support/tickets/
- https://www.remoteutilities.com/support/forums/forum5/1767-new-v7.0.0.1-eset-antivirus-warning-win32_remoteutilities.d.gen
- https://www.remoteutilities.com/download/
- https://www.remoteutilities.com/support/docs/about-msi-configurator/#Step_1:_Specifying_how_the_configuration_process_should_proceed
- https://www.remoteutilities.com/support/kb/host-service-won-t-start/#How_to_export_Windows_System_Events_log_(Windows_10)
Thank you for the provided details.
I've forwarded the issue to our developers and asked for their input on this. Sorry for the inconvenience.
I'll get back to you with an update on this shortly.
I've used the wizard-created custom MSI on one of our hosts, after disabling all ESET endpoint security features. This time it went fine. However, I still don't feel confident for a wide deployment via GPO. I'm not certain this was caused by ESET. If it wasn't then another cause should be searched. Even if it was, I still have a problem here, since I can't simply disable ESET over our fleet...Polina wrote:
Hello,
Thank you for the provided log.
It seems like the issue might have been caused by ESET's activity as their antivirus currently detects and removes our custom Host/Agent packages by blocking our current signature. Here's a related thread on this. We're currently discussing this with the ESET team in order to resolve the issue as soon as possible.
In order to confirm the above, please try using a vanilla MSI Host package downloaded from our website, specify it as your MSI package in the Remote Install Tool and see if remote Host is updated properly this way.
Please let me know if this worked for you.
Thank you for your message.
Unfortunately, this is indeed caused by ESET as they remove any installation files built with the MSI Configurator from the computer. We understand that this causes major inconvenience for our users and we're trying to resolve the issue with ESET themselves.I've used the wizard-created custom MSI on one of our hosts, after disabling all ESET endpoint security features. This time it went fine.
I'm not certain this was caused by ESET. If it wasn't then another cause should be searched. Even if it was, I still have a problem here, since I can't simply disable ESET over our fleet...
We also encourage all our users who is affected by this issue to contact ESET as well at this email address samples@eset.sk as getting such requests from their own customers should significantly speed up the resolution process.
Of course, it's absolutely understandable. In this case please consider using the MSI Configurator with the Legacy option selected - in this case the output file comes out without any signature, so it's possible to use your own code signing certificate instead. This way, ESET won't remove the installation files. In case if you have a code signing certificate, this might serve as a temporary solution until we resolve the issue with ESET themselves. Sorry for the inconvenience.However, I still don't feel confident for a wide deployment via GPO.
Please let us know if you have other questions.
On a fresh Windows 10 install, with ESET endpoint running, installing (as domain admin manually, by msiexec /i file.msi /qn) a custom msi using the online wizard, produced the following:
* 7.0.0.3 host seems installed
* No ru host service exists
* The following were logged under %programdata%\remote utilities\install.txt
12-04-2021_12:05:18#T:SilentInstall: installation 69110This is quite similar to what I saw in my previous post. There's something I do not understand though: why is the installer removing the service, right after installation of 70003 has started? Essentially considering that there is a service to remove!
12-04-2021_12:05:18#T:SilentInstall: NTSetPrivilege:SE_DEBUG_NAME:false. OK
12-04-2021_12:05:18#T:SilentInstall: OpenService: service not found. OK
12-04-2021_12:05:18#T:SilentInstall: CreateService. OK
12-04-2021_12:05:18#T:SilentInstall: finished
12-04-2021_13:34:55#T:SilentInstall: uninstallation 69110
12-04-2021_13:34:55#T:SilentInstall: NTSetPrivilege:SE_DEBUG_NAME:false. OK
12-04-2021_13:34:55#T:SilentInstall: service found, removing
12-04-2021_13:34:57#T:SilentInstall: installation 70003
12-04-2021_13:34:57#T:SilentInstall: NTSetPrivilege:SE_DEBUG_NAME:false. OK
12-04-2021_13:34:57#T:SilentInstall: service found, removing
12-04-2021_13:34:58#T:SilentInstall: finished
If I understand your log correctly, the 69110 service was removed at 13:34:55. Between that time and 13:34:57 obviously a service was installed and subsequently deleted. It's not as though as an error that came up. It's as if the installer decided to roll back for some reason.
Is there some way I can enable a debug output here?
Thank you for your message.
Please note that I've replied to the ticket you've created and will get back to you with an update on this via the same ticket in order to avoid duplication.
Thank you!
* the majority of the systems are stuck. 7.0.0.3 does not start, there is no service
* around 30% of the systems took the upgrade ok
We have been running around with this since morning. Something is seriously borked with the MSI, as produced by the online wizard.
Thank you for the provided update on this issue.
Please note that I've also replied to your ticket and requested some information required by our development department, including the Windows System Event Log file. I'll forward this information to our developers for their further investigation. You can attach the log files in the same ticket to avoid duplication.
Thank you!
* Website time zone: America/New_York (UTC -4)