Avak 0 Posted July 20 Share Posted July 20 Hello, I think that I acidently downloaded some malware (google also sent me "critical safety warning" about my email). ESET was warning me that sth is wrong with some files I downloaded, but I maneged to ignore that. Now when I'm trying to open ESET it's only poping for literaly half a second on task bar and then disapear. Do you have any idea how to fix that? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted July 20 Administrators Share Posted July 20 Please provide: logs collected with ESET Log Collector a Procmon log from time when you attempt to open ESET's gui. Quote Link to comment Share on other sites More sharing options...
Avak 0 Posted July 20 Author Share Posted July 20 Logfile.raressp_logs.zip I hope that this is what U meant Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted July 20 Administrators Share Posted July 20 ESET's service is configured not to start automatically and is registered twice it the system for an unknown reason. The machine is infected. I'd recommend to: 1, Run a scan with ESET Online Scanner and clean detected threats (Win64/Kryptik.EDF trojan) 2, Reboot the machine 3, Uninstall ESET. Also run the ESET Uninstall tool in safe mode to make sure ESET is completely removed. 4, Install the latest version of ESET Smart Security Premium 17.2 from scratch. Quote Link to comment Share on other sites More sharing options...
Avak 0 Posted July 20 Author Share Posted July 20 I think it's registerd once, I just started it normally and then i tried to run it as administrator Quote Link to comment Share on other sites More sharing options...
Avak 0 Posted July 20 Author Share Posted July 20 I rebooted it many times, I'm gonna try the other things that U meant Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted July 20 Administrators Share Posted July 20 I stand corrected, the ekrn service is registered once. It was the other service "ESET Firewall Helper" with that path. Still, ekrn.exe is not running so please re-install ESET. The startup type was changed from "automatic" to "manual" for the service. Quote Link to comment Share on other sites More sharing options...
Avak 0 Posted July 20 Author Share Posted July 20 So U think that scanning is not gonna help? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted July 20 Administrators Share Posted July 20 A malicious file is still on the machine but is not running. Theoretically it should be enough just to change the startup type for "ESET Service" to "automatic" and reboot the machine: Quote Link to comment Share on other sites More sharing options...
Avak 0 Posted July 20 Author Share Posted July 20 WOW , IT STARTED. It was in automatic mode, but service status said that its stopped, so I cliced start from that window and its working Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted July 20 Administrators Share Posted July 20 Please make sure that it works after a reboot. Also make sure that self-defense is enabled in the advanced setup -> HIPS as it should not be possible to tamper with ekrn service settings. Quote Link to comment Share on other sites More sharing options...
Avak 0 Posted July 20 Author Share Posted July 20 I rebooted it twice and it's working, in HIPS everything is working. Do you think its mean that my problem is solved? It says max protection in main menu Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.