KB Article Number 000094146
Probe 'cdm' FAILED to start (command = cdm.exe) er - CA Knowledge
Summary:
cdm probe is red, will not start and generates an alarm that it failed to start.
Issue:
Controller: Probe 'cdm' FAILED to start (command = cdm.exe) error = (5) Access is denied.
The cdm probe remains red and cannot get a port or pid. The GUI can be opened but the probe will not start.
robot controller.log shows the error
May 2 11:58:31:712 [1932] Controller: _ProcStart - path = C:\Program Files\Nimsoft\Nimsoft Robot x64\probes\system\cdm\cdm.exe
May 2 11:58:31:712 [1932] Controller: _ProcStart - command line = cdm.exe
May 2 11:58:31:790 [1932] Controller: Probe 'cdm' FAILED to start (command = cdm.exe) error = (5) Access is denied.
May 2 11:58:31:790 [1932] Controller: logInit - Controller - probes/system/cdm/cdm.log
Environment:
- robot version 7.93
- cdm version 6.30
- hub version 7.93
Cause:
- Anti-Virus
Resolution:
This issue is normally caused by Anti-Virus. Please contact your systems administrator to create an exclusion for all Nimsoft Programs, e.g., exclude the <installPath>\Nimsoft directory and its contents from monitoring. If the probe is being blocked from starting, add an exclusion or 'approval' for the specific <probe>.exe
To confirm the cause of the problem/error, check the Windows Application event log on the robot machine where cdm is installed and you may see Informational messages. For example:
Notification displayed for target "c:\program files\nimsoft\nimsoft robot x64\probes\system\cdm\cdm.exe" and process "c:\program files\nimsoft\nimsoft robot x64\robot\controller.exe".
Bit9 Security Platform blocked an attempt by controller.exe to run cdm.exe because the file is not approved. If you require access to this file, please contact your system administrator. Scroll down for diagnostic data.
+ System
- Provider
[ Name] Cb Protection Agent Notifier
- EventID 22
[ Qualifiers] 16386
Level 4
Task 0
Keywords 0x80000000000000
- TimeCreated
[ SystemTime] 2018-05-02T17:03:40.000000000Z
EventRecordID 301478
Channel Application
Computer xxxxxxxx.*********.com
- Security
[ UserID] S-1-5-18
- EventData
c:\program files\nimsoft\nimsoft robot x64\probes\system\cdm\cdm.exe
c:\program files\nimsoft\nimsoft robot x64\robot\controller.exe
Bit9 Security Platform blocked an attempt by controller.exe to run cdm.exe because the file is not approved. If you require access to this file, please contact your system administrator. Scroll down for diagnostic data. Source[c:\program files\nimsoft\nimsoft robot x64\robot\controller.exe] ProcessHash[012497ab6ad08a41ada7fc1c0b4dc1898c37f833195e3c8ba9e0138d2d8d1a66] ProcessPublisher[CA, Inc. (Valid[Yes] Trusted[No])] Cmd[controller.exe] ProcessFlags[WrittenFiles:HaveABInfo] KernelProcessFlags[LocalSystem:64Bit:LoadCheck:DepEnabled:LocalAdmin] Tags[Bit9:ATI:WinSystemConfig:InstalledProgs] Target[c:\program files\nimsoft\nimsoft robot x64\probes\system\cdm\cdm.exe] Notifier[Block] TargetHash[ba06833dff7be385218368b3a18964da450e5ab1379ffac67324d9f2c02cad13] TargetPublisher[CA, Inc. (Valid[Yes] Trusted[No])] Media[Fixed] Device[Unapproved:0x00000002] DeviceFlags[0x00000002] State[Unapproved] Flags[0x00000B42] Object[File] Rule[File and Path Execute: Unapproved Executables] List[1] Group[100] Id[28] Server[cbprotect.xxxxxxxx.com:41002] Policy[xx_HighEnforcement_xxxxxxxx] Id[27] Version[0x00000000] CLVersion[274754] Enforcement[20:20:20] User[NT AUTHORITY\SYSTEM] Pid[1928] Tid[1932] Computer[xxxxxxxx] Domain[xxxxxxxx] Agent[8.0.0.2562 (Patch 6)] OS[Microsoft Windows Server 2008 R2 x64 Server