Jump to content

Can't Install, Rolling Back

mobsky

By mobsky
in ESET NOD32 Antivirus

 Share

Recommended Posts

mobsky

mobsky 0

Posted
Posted

I bought this before yesterday and have been trying to install with no success, I tried the online/offline installers with same results. It 'rolls back action' and ends with an error that installation ended prematurely.

 

I followed the steps in the knowledgebase but still the same. Base filtering engine service is present and running.

 

I had AVG before and made sure that I completely uninstalled it, I even used ESET's AV removal tool. I also scanned for malware using ESET's tool as well, all seems fine. I generated the log files if somebody needs to look at it.

 

 

Windows 7 64 pro

 

 

Thank You

Link to comment
Share on other sites
mobsky

mobsky 0

Posted
  • Author
Posted

Did you use ESET's AV Removal tool from safemode ?

Did it list anything ?

 

yes, no conflicting software

 

Please pm me a download link to the install logs you've created.

 

Link sent.

Link to comment
Share on other sites
mobsky

mobsky 0

Posted
  • Author
Posted

Malware running, you know what, I used a bunch of security tools and software including eset's online scanner and non detected any! The only one that detected it was malwarebytes which is my first time using it.

pup.optional.systemspeedup, rootkit.necrus.l.64, trojan.agent, pup.optional.installcore.a

It blocked windows update and I noticed my internet keeps disconnecting for seconds, when I called my internet provider today they told me my system was compromised with malware that is allowing a remote entity to relay spam through my system and Marcos confirmed malware as well when I sent him the log files.

 

Why didn't eset's online scanner detect this?

Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted

Its unclear to me if the TS actually ended up installing ESET NOD32 or if the TS just cleaned the computer.

 

But if the TS installed NOD32 then it sounds like a good idea for the TS to enable detections of potentially Unwanted and Unsafe applications in NOD32. So no new PUAs get in and makes trouble for the TS again.

Link to comment
Share on other sites
tmuster2k

tmuster2k 22

Posted
Posted (edited)

This had nothing to do with PUA's. If Necurs was detected then it was holding BITS(Background Intelligent Transfer Service) Service hostage and if this service is not present then ESET will rollback just like if BFE (Base Filtering Engine) is missing because of Sirefef. When Necurs was removed it release BITS back to the OS thus making it possible to ESET to install and not rollback. If the customer would have run the NECURS removal tool from SOLN2372 that would also have brought BITS back and enabled ESET to be installed with no rollback.

Edited by tmuster2k
Link to comment
Share on other sites
tmuster2k

tmuster2k 22

Posted
Posted

Possible you didn't click settings and add pup detections.

Default doesn't scan for them at all.

the key bit of information he supplied here was rootkit.necrus.. PUA's rarely cause Rollbacks. Look at my reply at the bottom of this thread.

Link to comment
Share on other sites
Arakasi

Arakasi 549

Posted
Posted

I was referring to the online scanner which does not use PUA's by default and i was talking about this:
 

 

pup.optional.installcore.a

I did not make any comment to rootkit or reference that other detection at all.

 

So i was not discussing that.

Link to comment
Share on other sites
tmuster2k

tmuster2k 22

Posted
Posted

I was referring to the online scanner which does not use PUA's by default and i was talking about this:

 

 

pup.optional.installcore.a

I did not make any comment to rootkit or reference that other detection at all.

 

So i was not discussing that.

my bad bro...

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...