Jump to content

MxRay

Members
  • Posts

    3
  • Joined

  • Last visited

Posts posted by MxRay

  1. Unfortunately, I don't know at which point Eset did not start. Although, considering that the last Windows Update check ran on 14.9. I'd presume it's the day that my PC got infected. The Eset icon is always hidden in the tray menu so it did not occur to me as weird right away. Moreover there were no alerts from the Eset itself that there is some kind of threat incoming.

  2. Hi,
    today I've discovered that my PC is possibly under threat of some malicious software.

    It started when I've tried to do a Windows Update which showed me an error. Next logical step for me is to see what Eset has to say about it (I already had NOD installed) and at this point my heart skipped a beat because ESET wasn't even running. When I tried to start it, its Program Files directory was completely empty. I rushed to download an installer. The installation fails every time right after "Deleting services" step. The Specialized cleaner does not find anything. Online scanner found 2 trojan horses and deleted them but it did not help.

    I started to do my own investigation and few things hit me as suspicious.

    1. Windows Security does not show anything.
    2. There are already 2 Eset related services that are stopped and cannot be started again. Both of which point to non existing files in the Eset Program Files directory.

    So here goes:

    image.thumb.png.110edec59f0d6168b84ee3c77aca402a.png

    image.thumb.png.29d4da1dc8d400ed281067bf13351ca3.png

    image.thumb.png.6dcb575badd115a099ad0088fc54a179.png

    image.png.144c9c588b6c1493ac6a6a2d2163e781.png

    image.thumb.png.b899c3066a9636b55cdd5ab40315bfed.png

    In the meantime I'm I've installed trial version of Kaspersky and trying do a proper full scan.

    Side note: I'm using dualboot of Windows 10 along with ArchLinux, in case it is somehow important.

    UPDATE: Manually deleted old Eset services and the error code has changed to MSI.1923

    eav_logs.zip

×
×
  • Create New...