Jump to content
Euan_Clark__

ESET has disappeared

Recommended Posts

My ESET antivirus has seemingly uninstalled  itself, it doesn't show up in the hidden icons tray and I can't find the ESET GUI anywhere however when I try to reinstall it, it just says I have the most up to date version installed and when I try to uninstall it using the AV Remover it says that there is no antivirus installed so I'm really confused.

Share this post


Link to post
Share on other sites

It happens that attackers perform RDP bruteforce attacks and once they get in, they uninstall ESET and run malware, typically ransomware to encrypt files and subsequently extort money from the user.

You can use the ESET Uninstall tool in safe mode if you are having issues uninstalling ESET.

Share this post


Link to post
Share on other sites
1 hour ago, Euan_Clark__ said:

My ESET antivirus has seemingly uninstalled  itself, it doesn't show up in the hidden icons tray and I can't find the ESET GUI anywhere

Using Windows task manager, verify if these two processes are running; Eset service and Eset Main GUI. Appears some type of corruption may have occurred to the Eset GUI process, equi.exe, and it terminated itself. Did you try a reboot to see if the Eset GUI reestablishes itself as a desktop toolbar icon?

Also if Eset was totally disabled/removed, Windows Defender should now be running in realtime mode? Is that the case?

Edited by itman

Share this post


Link to post
Share on other sites
13 hours ago, Marcos said:

It happens that attackers perform RDP bruteforce attacks and once they get in, they uninstall ESET

I have noticed this answer before; this is a catastrophic scenario in which the antivirus is being uninstalled due to RDP brute force attack.

Now, rather then accepting this as a fatality , why ESET doesn't force user to create a password for uninstall only ,  during the installation process.?????

So, if somehow ESET is getting uninstalled, a password would be required to perform this action.

Seems very simple and elegant.

Edited by novice

Share this post


Link to post
Share on other sites
On 1/30/2019 at 11:43 PM, novice said:

I have noticed this answer before; this is a catastrophic scenario in which the antivirus is being uninstalled due to RDP brute force attack.

Now, rather then accepting this as a fatality , why ESET doesn't force user to create a password for uninstall only ,  during the installation process.?????

So, if somehow ESET is getting uninstalled, a password would be required to perform this action.

Seems very simple and elegant.

I guess that if you password protect your settings in ESET it will prompt you to put your password once you try to uninstall it, it's my guessing , I don't know I might be wrong , correct me if I am wrong

If your PC is accepting RDP connection from outside without any rules for access then it's open for anyone to try and attack it , so once the person who is brute forcing the RDP got access , then he is the admin just like you (assuming that you do have an admin account) , so he has the ability to do whatever he pleases in your system, it's not ESET fault.

Share this post


Link to post
Share on other sites
1 hour ago, Rami said:

I guess that if you password protect your settings in ESET it will prompt you to put your password once you try to uninstall it, it's my guessing , I don't know I might be wrong , correct me if I am wrong

Actually, its much more restrictive. Any Eset GUI access requires the password to be entered. One reason why I don't use the option.

Share this post


Link to post
Share on other sites
32 minutes ago, itman said:

Actually, its much more restrictive. Any Eset GUI access requires the password to be entered. One reason why I don't use the option.

Indeed I understand that it will prompt you for a password each time you try to access any of the settings which was made that way inorder to prevent unauthorized changes by someone else , but it's good if you set up all of the configs that you want and then it's time for eset to run quiet in the background , then you go a for a password if you feel like you need to protect eset from someone who takes control over the PC , whether it was someone through RDP , or someone using your computer , etc...

Share this post


Link to post
Share on other sites
10 hours ago, itman said:

Actually, its much more restrictive. Any Eset GUI access requires the password to be entered. One reason why I don't use the option.

I was not talking about this "option".

I was saying that ESET , during installation should prompt you for an "uninstall password" , which will be used onli for uninstall and nothing else. This would prevent ESET being disabled by unauthorized RDP access.

Is simple, elegant and can solve a big problem. 

Share this post


Link to post
Share on other sites
17 minutes ago, novice said:

I was not talking about this "option".

I was saying that ESET , during installation should prompt you for an "uninstall password" , which will be used onli for uninstall and nothing else. This would prevent ESET being disabled by unauthorized RDP access.

Is simple, elegant and can solve a big problem. 

Have you submitted this suggestion to the correct thread as far as future enhancements to ESET's products?

Regards,

Tom

 

Share this post


Link to post
Share on other sites
8 hours ago, TomFace said:

Have you submitted this suggestion to the correct thread as far as future enhancements to ESET's products?

Regards,

Tom

I haven't!

This is more "common sense" that an "enhancement", I would think after so many ESET versions , a developer would have figure out this....

 

Share this post


Link to post
Share on other sites
7 hours ago, novice said:

I haven't!

This is more "common sense" that an "enhancement", I would think after so many ESET versions , a developer would have figure out this....

 

If you don't, maybe no one will.

Obviously status quo is OK, so stop your whining.<_<

Tom

Edited by TomFace

Share this post


Link to post
Share on other sites
8 hours ago, TomFace said:

If you don't, maybe no one will.

Obviously status quo is OK, so stop your whining.<_<

Tom

As you said in your , un-edited post:

"Whatever..."

Share this post


Link to post
Share on other sites
3 hours ago, novice said:

As you said in your , un-edited post:

"Whatever..."

I'm glad to see you have e-mail notification enabled. In addition "whatever" suits you to a "T".

But I'm sure it won't stop your whining.<_< You're a Pro!

Have a good day.:lol:

Tom

 

Edited by TomFace

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×