[Smart Security disabled / can't enable?]

I'd suggest uninstalling ESS. If it doesn't work, try running the ESET Uninstall tool in safe mode. Run it at least twice and make sure that no ESET product is detected the second time you run it. Then install the latest ESS v9 from scratch which will also fix possible permission issues on ESET's folder or registry keys.

 

I'm uninstalling but the uninstaller is having problems, I'm getting this message:

Could not delete key \Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe. Verify that you have sufficient access to that key etc

 

I'm checking the permissions for that key in regedit and both the SYSTEM and Administrators accounts / groups have Full Control / Read permissions and Users have Read only. If I ignore I just get message after message that various keys can't be deleted from the registry because of a permissions issue. The thing is that the Subinacl script specifically resets and grants Administrators and the System account access to the keys that the uninstaller is complaining about? 

 

I can only assume that I've got some kind of rootkit or other stealth or hard to detect virus that's causing this problem. I've tried running the TDSKiller root kit detection utility but it didn't locate anything.

 

Does anyone have an idea what I can do to find and remove the problem?

[Smart Security disabled / can't enable?]

Hello Norm....Try to retrieve your license details. See hxxp://www.eset.com/us/support/lost-license/

 

Also don't need the CD, just use the live installer hxxp://www.eset.com/us/products/smart-security/or the offline installer (advanced download).

 

Good luck.

 

I was able to retrieve the license key, so that worked out great. Thanks Tom!

[Smart Security disabled / can't enable?]

Hi Marcos:

 

I'll give it a try but I can't seem to locate the box, CD and license key, if I uninstall will I loose my license? Is there a way to backup and restore my license state?

[Smart Security disabled / can't enable?]

I just noticed that my Eset Smart Security doesn't appear to be working, there was no icon in the system tray and when I checked with Process Explorer the ekrn service was not running. When I checked services.msc I saw that the service was disabled and if I try to set it to automatic and Apply I get a message "Access is denied". I checked msconfig and it seems to indicate that Selective Startup is enabled and in services the Eset service is unchecked (the only service or startup item that's unchecked, I'm using Windows 7 btw) and if I attempt to change the Startup Selection to "Normal Startup" and Apply it gives no error message but changes right back to Selective Startup. If I attempt to go to services and to enabled / check the Eset service and click Apply the same thing happens and Eset goes back to being unchecked.

If I go into Control Panel / Programs and Features and select Eset Smart security and click Change, I get the setup program and if I try to repair it I just get a series of messages: The Installer has insufficient privileges to modify this file: C:\Program Files\ESET\ESET Smart Secuirty\callmsi.exe my only option is Cancel, Retry and Ignore and if I ignore it just goes on with the same message file after file.

 

I kind of figure that I've got some kind of virus that managed to get on the system and disable Eset Smart Security and somehow change permissions on the Eset service or on the file or folder permissions. I'm manually checked the permissions on ESET\Smart Security and the files in that directory but they seem correct with my user account as the folder owner and both the system and administrators accounts have full control of the folder. I've also tried using subinacl and this script:

cd /d "C:\Program Files (x86)\Windows Resource Kits\Tools"
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=administrators=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=administrators=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=administrators=f
subinacl /subdirectories %SystemDrive% /grant=administrators=f
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=system=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=system=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=system=f
subinacl /subdirectories %SystemDrive% /grant=system=f

to reset to defaults whatever registry, folder and file permissions are blocking me from starting the Eset service but I have the same problem after as before.

 

I'm trying to run the Eset online scanner to see if it can detect and remove whatever virus is causing the problem but all it found on the C: system drive was 6 instances of Win32/OpenCandy.A; I have two additional hard drives that I use for data storage which are being scanned now. If it locates anything else I'll post back with the results.

 

I've also tried looking at all scheduled tasks and I don't see anything suspicious.

Any ideas? Anything I haven't tried to get Smart Security working again?

[Windows 8 Compatibility Issue V5.0.2214.4]

I have a customer who recently installed a new Windows 8 machine, as with all the other computers in the office (a couple Windows XP and several Windows 7 machines) I installed ESet Endpoint Security 5.0.2126 and everything worked fine.

I saw that version 5.0.2214.4 was released and so I upgraded the office and on all the XP and Windows 7 x64 machines the software installed without a problem. But on the lone Windows 8 x64 machine it will not install giving this error:

Quote:

The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2753.

I re-downloaded the msi x64 installer and tried again (rebooting in between tries) and still got the same error. The very first line of the changelog for 5.0.2214.x says "Added: Windows 8 compatibility" but it seems like added incompatibility is more like it since 5.0.2126 actually seemed to install and work fine on Windows 8 and I reinstalled it with no problem.

Has anyone else seen this problem? Have an idea how to correct it?

- Norm