leo_nazareth 0 Posted February 18, 2020 Posted February 18, 2020 I'm having trouble installing the NOD32 antivirus, during the installation it gives me the warning that the installation failed possibly due to the presence of spyware. I have already used the tool to scan the installer's own malware and also the ESET Online Scanner, both give me warnings that they have removed malware but the problem persists. I collected the log through the ESET Log Collector and send it here as an attachment. eav_logs.zip
Administrators Marcos 5,460 Posted February 18, 2020 Administrators Posted February 18, 2020 Have you tried running the ESET Uninstall tool in safe mode as per https://support.eset.com/en/kb2289-uninstall-eset-manually-using-the-eset-uninstaller-tool and then installing the latest v13.0.24 from scratch?
leo_nazareth 0 Posted February 18, 2020 Author Posted February 18, 2020 I actually didn't have any version of ESET NOD32 Antivirus installed. After the problem I installed other applications like ESET Online Scanner but the antivirus does not have.
Administrators Marcos 5,460 Posted February 18, 2020 Administrators Posted February 18, 2020 The thing is ekrn.exe was already running when you attempted to install ESET. Please run the Uninstall tool in safe mode and install the latest version from scratch as suggested above. When deciding between ESET NOD32 Antivirus (EAV) and other products such as ESET Internet Security or ESET Smart Security Premium, please note that unlike the other two products EAV cannot protect you from bruteforce attacks and from exploitation of vulnerabilities in network protocols, e.g. in case a particular critical Windows update is not installed as soon as made available by Microsoft.
leo_nazareth 0 Posted February 18, 2020 Author Posted February 18, 2020 Marcos, Thanks for the help I runned the unistall tool and it works.
leo_nazareth 0 Posted February 27, 2020 Author Posted February 27, 2020 (edited) After solving the previous problem I noticed that my EAV is not starting automatically with windows. I tried to enable it through the windows task manager (it's disabled there) but I can't. I also tried it through the CCleaner app and says it is not possible. I tried some solutions found in this topic https://forum.eset.com/topic/15233-eset-service-isnt-starting-after-shutdown/ , including the alternative that solved the problem ( https://forum.eset.com/topic/22602-installation-issue-due-to-malware ), where several threats were removed but did not work. I ran ESET Log Collector for both cases, with windows just started and after starting EAV manually, I'm sending the first one attached here, and because of the limited size I will send the other one by the link hxxp://www.mediafire.com/file/k8u1n69oqjbx133/eav_logs_after_Run_Nod32.zip/file. eav_logs.zip Edited February 27, 2020 by leo_nazareth
Administrators Marcos 5,460 Posted February 28, 2020 Administrators Posted February 28, 2020 Ekrn is running, it's just gui that isn't. Please provide a Procmon boot log from a system start as well. For instructions, please refer to https://support.eset.com/en/kb6308-using-process-monitor-to-create-log-files#boot logs
leo_nazareth 0 Posted February 28, 2020 Author Posted February 28, 2020 Marcos, Here is the boot log: https://www.mediafire.com/file/ii9t4i078q2kj51/BootLog_LN.zip/file
Administrators Marcos 5,460 Posted February 28, 2020 Administrators Posted February 28, 2020 I've checked the log, however, it's not clear what causes the issue. Ecmds is registered in the run key, however, explorer doesn't attempt to run it at all. I've noticed scpbradguard.exe running. What kind of protection software is it? Could you try uninstalling it?
itman 1,805 Posted February 28, 2020 Posted February 28, 2020 2 hours ago, Marcos said: I've noticed scpbradguard.exe running. What kind of protection software is it? Appears to be some type of bank provided security software. Appears among other things to be an anti-keylogger. Ref.: https://www.advanceduninstaller.com/Componente-de-Seguran-a-Bradesco-fc49ec89df3fbd05adc38f47002ae212-application.htm OP's bank might require it to do online banking activities.
Recommended Posts