eset endpoint protection blocks sending ctrl-alt-d...

LFOD23 · ‎03-22-2023

I have several unattended access clients that require pressing ctrl-alt-del to login. When using rescue unattended access, eset endpoint is blocking remote sending of ctrl-alt-del. It seems to be an issue with eset's HIPS module, and rules can be created within eset to allow it. What specific logmein rescue file(s) need to be added to eset HIPS rules to allow remote sending ctrl-alt-del, specifically for unattended access? I have found the files for the logmein application, but not for Rescue unattended access - they are not the same.

Thank you

KateG · ‎03-23-2023

Hi @LFOD23 welcome to the GoTo Community. Referencing this solution from an ESET article, this logic would apply to Rescue, however the Applet is temporary for Rescue. The following 3 files would need to be allowed, but they are temporary as long as the applet is being used.

LMI_Rescue.exe - C:\Users\User\AppData\Local\LogMeIn Rescue Applet\LMIR09423001.tmp
LMI_RescueRC.exe - C:\Users\User\AppData\Local\LogMeIn Rescue Applet\LMIR09423001.tmp
Lmi_Rescue_srv.exe - C:\Users\User\AppData\Local\LogMeIn Rescue Applet\LMIR09423001.tmp

If ESET doesn't allow just the root to be allowed - which would be C:\Users\User\AppData\Local\LogMeIn Rescue Applet you may need to use the calling card which is a static, standalone customer app. The Calling Card would be the only solution for allowing a static file in ESET.

Another option is to is to disable HIPS which would allow the ctrl alt del command to be sent.

Kate is a member of the GoTo Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!

Free new user and admin training

eset endpoint protection blocks sending ctrl-alt-del

Re: eset endpoint protection blocks sending ctrl-alt-del