Sachalek 0 Posted August 4, 2017 Share Posted August 4, 2017 While browsing Chrome, I kept getting a popup window for an ESET security update. It asked me if I wanted to update now or later. I clicked "now" and it immediately uninstalled ESET and Windows gave me a warning that I had no virus software installed. I restarted my computer and I couldn't click on any of the links in my google search. The mouse was a curser, not a pointer and was acting weird. I restarted again in safe mode and am running a scan. I wanted to warn everyone about this. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted August 5, 2017 Administrators Share Posted August 5, 2017 Please provide a screen shot of the "ESET Security update" popup window. Link to comment Share on other sites More sharing options...
MarcFL 26 Posted August 5, 2017 Share Posted August 5, 2017 (edited) It's important to learn the difference between a browser popup window and an application popup window. As far as Eset is concerned, if you have ANY doubt close any popup window and close your browser. Manually open Eset by double clicking on the Eset Tray Icon (by the clock in the lower right corner of your taskbar). Any important message or update notifications will be displayed within Eset. Edited August 5, 2017 by MarcFL Link to comment Share on other sites More sharing options...
itman 1,659 Posted August 5, 2017 Share Posted August 5, 2017 17 hours ago, Sachalek said: While browsing Chrome, I kept getting a popup window for an ESET security update. It asked me if I wanted to update now or later. A bit of user security education goes a long way. Applications including security ones do not update via a browser. Applications have their own internal updaters that perform such functions. The only way I am aware of Eset could have been completely uninstalled is via Windows uninstall programs feature. Strongly suspect that the malware found a way to disable Eset realtime protection. This could have been only done on Win 10 via Eset's GUI on Win 10. Theoretically possible since it does not run as a kernel mode protected process. Did you actually verify that Eset is physically uninstalled? For example are its directories missing from the Windows programs folder and its ekrn.exe service missing from Control Panel -> Administrative Tools -> Services? Link to comment Share on other sites More sharing options...
TomFace 539 Posted August 5, 2017 Share Posted August 5, 2017 Pop-ups should be closed by using task manager or ALT + F4 to prevent any possible issues. Link to comment Share on other sites More sharing options...
itman 1,659 Posted August 5, 2017 Share Posted August 5, 2017 22 hours ago, Sachalek said: I clicked "now" and it immediately uninstalled ESET and Windows gave me a warning that I had no virus software installed. Another possibility here is that everything you saw on your PC screen was fake. When you clicked on the Eset update popup from Chrome, you were redirected to a site serving up malware. It then displayed a screen indicating Eset had been uninstalled and then displayed a fake control panel security settings screen showing no AV is installed. While all this is going on, the malware downloaded and executed. You stated that you were running a scan in safe mode. Did you actually reinstall Eset prior to doing that? If not, Eset was never actually uninstalled. Link to comment Share on other sites More sharing options...
Recommended Posts