ESET' service' (ekrn) failed to start.

[Ali Akbar 0]

I'm trying to install ESET Endpoint Security v7 in one of my client PC. The error that i keep getting is

"ESET' service' (ekrn) failed to start. Verify that you have sufficient privileges to start system services"

Windows OS : Window 7 Professional

Action taken so far, uninstall ESET Product (v6, Product + Agent ) using ESET Uninstaller) ,I alse have tried to install v5 and v6 as well still getting same error.

What is the solution for this ?Kindly anyone please help

Attach together the logs from procmon, install log. 
 

install.log

setupapi.app.log

setupapi.dev.log

Logfile.rar

[Marcos 3,573]

We'll need ELC logs from the machine. Something is causing ekrn to take too long to start until it times out.

[Ali Akbar 0]

Hi Marcos,

 

Please find attached file for ESET Log Collector logs and also logs from ESET SysInspector

SysInspector-FARMASI-NURMAIS-180830-085017.zip

ELC_logs.zip

[Ali Akbar 0]

Hi @Marcos

Any update on this ?

Thanks

[Marcos 3,573]

You have a rootkit in the system.

In safe mode, delete the files c:\windows\system32\drivers\winmon.sys and c:\windows\system32\drivers\winmonfs.sys. If necessary, boot from a clean medium (e.g. ESET SysRescue) first.

[Ali Akbar 0]

Hi @Marcos

I've tried the solution given by you but still failed to installed it. Kindly please advise .

Thanks

[Marcos 3,573]

Please provide fresh ELC logs so that I can make sure the drivers are no longer loaded. Beforehand I'd suggest running the ESET Uninstall tool in safe mode and trying to install Endpoint v7 from scratch. Should the problem persist, also create a Procmon log from installation.