Jump to content

Recommended Posts

I've just downloaded,Installed ESET smart security premium,And i can just simply close it from task manger

That's mean if someone hacked my pc he can just close the antivirus then uninstall it in 1 minute !

Is that the antivirus or it's a bug !

Share this post


Link to post
Share on other sites

I strongly doubt that you were able to stop or quit ekrn.exe, especially with self-sefense enabled. Please shoot a demonstration video.

Share this post


Link to post
Share on other sites

Strange behavior with equiProxy.exe using Win 10 Task Manager. If you try to end the process, you won't get an access denied message. Appears Task Manager just ignores the termination request. In Process Explorer, you will get an access denied message if you try to suspend/terminate equiProxy.exe.

Share this post


Link to post
Share on other sites

When i close eset service from task manger (ekrn.exe) it opens again automatically but the application closes

Does that mean i'm safe against any virus even if the application is closed ?

Just now, Marcos said:

I strongly doubt that you were able to stop or quit ekrn.exe, especially with self-sefense enabled. Please shoot a demonstration video.

 

Share this post


Link to post
Share on other sites
4 hours ago, Amr Elsisi said:

When i close eset service from task manger (ekrn.exe) it opens again automatically but the application closes

What OS do you use? Do you have self-defense enabled? Killing ekrn is not possible with SD on. Even if turned off for whatever reason (e.g. the user forgot to re-enable it after some tests), ekrn should be restarted automatically and keep your computer protected.

 

image.png

Share this post


Link to post
Share on other sites
4 hours ago, Marcos said:

What OS do you use? Do you have self-defense enabled? Killing ekrn is not possible with SD on. Even if turned off for whatever reason (e.g. the user forgot to re-enable it after some tests), ekrn should be restarted automatically and keep your computer protected.

 

image.png

I'm windows 7 x64 bit

There's a video showing my problem

bandicam 2019-05-24 11-11-23-928.rar

Share this post


Link to post
Share on other sites

It looks like self-defense is disabled, is that correct? However, you were not able to terminate ekrn.exe, only egui / egui_proxy.

Share this post


Link to post
Share on other sites
On 5/24/2019 at 11:22 AM, Marcos said:

It looks like self-defense is disabled, is that correct? However, you were not able to terminate ekrn.exe, only egui / egui_proxy.

I don't know! how can i enable it ?

Share this post


Link to post
Share on other sites

It's enabled by default in HIPS setup:

image.png

Share this post


Link to post
Share on other sites
Posted (edited)
On 5/25/2019 at 2:37 PM, Marcos said:

It's enabled by default in HIPS setup:

image.png

Self defence is already enabled !!

and i still have the same problem

Edited by Amr Elsisi

Share this post


Link to post
Share on other sites

Are you sure , you are able to close the ESET Service and not the GUI?

Share this post


Link to post
Share on other sites
24 minutes ago, Rami said:

Are you sure , you are able to close the ESET Service and not the GUI?

ekrn closes but opens again automatically 

i want the message which says acess denied like any other antivirus and like the screenshot above

Share this post


Link to post
Share on other sites
Posted (edited)

Do this.

Terminate ekrn.exe in Task Manager. Close Task Manager. Reopen Task Manager and see if ekrn.exe is now running which I suspect it is.

What I suspect is the issue is Win 7 Task Manager. It appears to terminate ekrn.exe where in fact it does not. In other words, the attempted ekrn.exe termination silently fails.

In Win 10, ekrn.exe runs as a protected process - antimalware; i.e. PPL. This is what causes the access denied popup to appear and prevents Task Manager from attempting to terminate ekrn.exe.

Edited by itman

Share this post


Link to post
Share on other sites
4 minutes ago, Amr Elsisi said:

i want the message which says acess denied like any other antivirus and like the screenshot above

As I just posted, upgrade to Win 10 and you will receive the access denied message. Win 7 does not support/provide protected process protection.

Share this post


Link to post
Share on other sites

In windows 7, any attempt to terminate an ESET process from task manager fails and displays the following message box

 

terminate.JPG

Share this post


Link to post
Share on other sites

 

2 hours ago, stackz said:

In windows 7, any attempt to terminate an ESET process from task manager fails and displays the following message box

Now that it has been established that access denied popup should also be appearing in Win 7, it appears that the OP's Win 7 service permissions are corrupted. Refer to the below screen shot. Ekrn.exe service permission is Read only. If OP's service permissions on Win 7 are corrupted, this is a major security issue for him since other Win 7 services might be affected which obviously don't employ self-protection mechanisms such as Eset has.

Eset_ekrn.thumb.png.c2f32ab507bf97fa45974b44a140f88e.png

 

 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...