DX Infrastructure Management

Tech Tip: UIM "Probe 'cdm' FAILED to start (command = cdm.exe) error = (5) Access is denied" 

05-02-2018 02:54 PM

KB Article Number 000094146

Probe 'cdm' FAILED to start (command = cdm.exe) er - CA Knowledge 

 

Summary:    
cdm probe is red, will not start and generates an alarm that it failed to start.

 

Issue:
Controller: Probe 'cdm' FAILED to start (command = cdm.exe) error = (5) Access is denied.

 

The cdm probe remains red and cannot get a port or pid. The GUI can be opened but the probe will not start.

 

robot controller.log shows the error

 

May  2 11:58:31:712 [1932] Controller: _ProcStart - path = C:\Program Files\Nimsoft\Nimsoft Robot x64\probes\system\cdm\cdm.exe
May  2 11:58:31:712 [1932] Controller: _ProcStart - command line = cdm.exe
May  2 11:58:31:790 [1932] Controller: Probe 'cdm' FAILED to start (command = cdm.exe) error = (5) Access is denied.   
May  2 11:58:31:790 [1932] Controller: logInit - Controller - probes/system/cdm/cdm.log

 

Environment:    
- robot version  7.93
- cdm version 6.30
- hub version 7.93

 

Cause:
- Anti-Virus

 

Resolution:
This issue is normally caused by Anti-Virus. Please contact your systems administrator to create an exclusion for all Nimsoft Programs, e.g., exclude the <installPath>\Nimsoft directory and its contents from monitoring. If the probe is being blocked from starting, add an exclusion or 'approval' for the specific <probe>.exe

 

To confirm the cause of the problem/error, check the Windows Application event log on the robot machine where cdm is installed and you may see Informational messages. For example:

 

Notification displayed for target "c:\program files\nimsoft\nimsoft robot x64\probes\system\cdm\cdm.exe" and process "c:\program files\nimsoft\nimsoft robot x64\robot\controller.exe".

 

 

Bit9 Security Platform blocked an attempt by controller.exe to run cdm.exe because the file is not approved.  If you require access to this file, please contact your system administrator.  Scroll down for diagnostic data.

 

+ System

 

  - Provider

 

   [ Name]  Cb Protection Agent Notifier
 
  - EventID 22

 

   [ Qualifiers]  16386
 
   Level 4
 
   Task 0
 
   Keywords 0x80000000000000
 
  - TimeCreated

 

   [ SystemTime]  2018-05-02T17:03:40.000000000Z
 
   EventRecordID 301478
 
   Channel Application
 
   Computer xxxxxxxx.*********.com
 
  - Security

 

   [ UserID]  S-1-5-18
 

 

- EventData

 

   c:\program files\nimsoft\nimsoft robot x64\probes\system\cdm\cdm.exe
   c:\program files\nimsoft\nimsoft robot x64\robot\controller.exe
   Bit9 Security Platform blocked an attempt by controller.exe to run cdm.exe because the file is not approved. If you require access to this file, please contact your system administrator. Scroll down for diagnostic data. Source[c:\program files\nimsoft\nimsoft robot x64\robot\controller.exe] ProcessHash[012497ab6ad08a41ada7fc1c0b4dc1898c37f833195e3c8ba9e0138d2d8d1a66] ProcessPublisher[CA, Inc. (Valid[Yes] Trusted[No])] Cmd[controller.exe] ProcessFlags[WrittenFiles:HaveABInfo] KernelProcessFlags[LocalSystem:64Bit:LoadCheck:DepEnabled:LocalAdmin] Tags[Bit9:ATI:WinSystemConfig:InstalledProgs] Target[c:\program files\nimsoft\nimsoft robot x64\probes\system\cdm\cdm.exe] Notifier[Block] TargetHash[ba06833dff7be385218368b3a18964da450e5ab1379ffac67324d9f2c02cad13] TargetPublisher[CA, Inc. (Valid[Yes] Trusted[No])] Media[Fixed] Device[Unapproved:0x00000002] DeviceFlags[0x00000002] State[Unapproved] Flags[0x00000B42] Object[File] Rule[File and Path Execute: Unapproved Executables] List[1] Group[100] Id[28] Server[cbprotect.xxxxxxxx.com:41002] Policy[xx_HighEnforcement_xxxxxxxx] Id[27] Version[0x00000000] CLVersion[274754] Enforcement[20:20:20] User[NT AUTHORITY\SYSTEM] Pid[1928] Tid[1932] Computer[xxxxxxxx] Domain[xxxxxxxx] Agent[8.0.0.2562 (Patch 6)] OS[Microsoft Windows Server 2008 R2 x64 Server

Statistics
0 Favorited
15 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.