| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 126076 | 2012-08-05 07:41:00 | NOD32 Two questions reinstall + quarantine items | ktee (5538) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1293059 | 2012-08-05 07:41:00 | I am going to uninstall and Reinstall NOD32 In instruction (I’ve printed out) after End user Agreement the next box has 2 options ”Participate in the ESET live Grid network” (says give you additional level of security), but it’s not compulsory only recommend. However instructions say tick “YES” What the general consensus, do I tick for yes?? The other box I understand Detection of Potentially Unwanted Application so I tick Enable. 2nd Thing Smart Scan ran auto on Friday all fine didn’t pick up anything. Today just before I uninstalled (was going to) I ran another one. It stalled at 99% on c:\windows\winsxs. I waited for 40 mins nothing happened so restarted system and ran again. No problem and picked up no threats. But...in the previous scan that stalled, well before it stalled in showed 4 threats, looking at them now in quarantine it says “a Variant of Win32/Kryptik ....trojan” for all of them. From what I remember NOD32 takes/or stops them from the path it shows being installed, but I just thought I’d check anyway in those paths. Three of them aren’t there so I thought fine I just delete from quarantine. But the 4th one is an Eset file, looking at google it seems to be ok, and the installed date is when NOD was installed, and not between Friday and today. So concerned if I delete it in the quarantine file it will delete it from the original location, and might cause me a problem when I uninstall. If it is a Trojan why wouldn’t previous scans have picked it up??. My other concern is that the other files aren’t Trojans either (not that I would really know) and I might be deleting important files?? All threats dated 5/8/2012, first 3 not in the path location C:\Windows\Installer\$PatchCache$\Manager\00021 etc etc a Variant of Win32/Kryptik.KMN Trojan C:\Program Files\Microsoft Office\Office12\OIS.EXE a Variant of Win32/Kryptik.AMQ.trojan C:\Program Files\InstallShield Instation Information\(9068BE-D93A-4COA-861C-5E2C0E09E)\setup.exe a Variant of Win32/Kryptik.GGL trojan C:\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe a Variant of Win32/Kryptik.AMQ trojan The last one is there, same as ABOVE path but installed 2 months ago when NOD installed. So do people think it’s safe to delete all from Quarantine?? |
ktee (5538) | ||
| 1293060 | 2012-08-05 07:48:00 | Sounds like NOD is screwed, if its detecting its own files as malware. I would disable system restore then do a full scan see if anything else is found. Then turn it back on, if you use it | Speedy Gonzales (78) | ||
| 1293061 | 2012-08-05 09:07:00 | Tried that it didn’t pick up any more threats, ran again to make sure and did notice that Number of scanned objects had decreased For the scan that worked okay after the stalled one it was 141k. For the one after turning off restore it was 95k For the one after turning restore back on its 87k Under Computer scan, log (not tools, log files), not sure how I got it, but it says Scanned disks, folders and files:Operating memory;C:\Boot sector,C:\ Boot sector of disk C: - error opening [4} Then lots of files listed all saying error opening [4]. Lots are Windows\winsys, then Windows\System32 and Windows\servicing\packages ; hiberfil.sys; pagefile.sys Etc etc Maybe I should leave the files in quarantine and just uninstall NOD and reinstall So for install instruction after End user Agreement the next box has 2 options ”Participate in the ESET live Grid network” (says give you additional level of security), but it’s not compulsory only recommend. However instructions say tick “YES” should I select that?? |
ktee (5538) | ||
| 1293062 | 2012-08-05 09:51:00 | The 'live Grid" only alerts you to the latest threats that users world wide pick up, Read this (www.eset.com) Question: why are you continually uninstalling then reinstalling Nod32 ?? From memory this is the second time in two months since it was installed early July. |
wainuitech (129) | ||
| 1293063 | 2012-08-05 10:39:00 | Answer: Since receiving system back with Vista reinstalled I have not yet uninstalled or reinstalled NOD. Though it was suggested to do on previous thread, once I rebooted it ekrn.exe reset itself. However it did not last As I am not familiar with uninstalling or reinstalling I tried some other things first. E.g., Use a different browser Mozilla. Result was CPU a lot lower but the same problem ekrn.exe maxs out after approx 3 days in either I/E or Mozilla Installed 7/7 restarted 8/7am maxs out 11/7 left till 25/6 when I rebooted and I thought it cleared the problem. 25/6pm rebooted 29/6 maxs out 29/6 pm rebooted 2/7 maxs out 3/7 rebooted 8/7 maxs out etc etc I have since been told a program that was installed "SuperAntispyware" on Vista reinstall is conflicting with NOD and to delete it. But on googling I see many other people have both and some seem to have no problems others do. So first I want to reinstall NOD (for the first time by me), But I want to get all the things it may ask me to do when I install correct. Then if I still have the same problem I’ll uninstall the Superantispyware I have been trying to work out these problems myself, slowly I admit, but I look up everything first and try to understand it Is that okay with you Wainuitech??? Maybe I’ve got it wrong but is this forum only for those with lots of knowledge, not for those with little |
ktee (5538) | ||
| 1293064 | 2012-08-05 11:04:00 | Those last two comments were not called for in the slightest. I was simply going from memory that Nod32 was uninstalled relating to the previous thread, techs work with hundreds of computers and cant be expected to remember every ones actions. To answer your question, I've installed the combination of Nod32 / Super Antispyware hundreds of times and Never had a clash. In fact the opposite, sometimes ( on rare times) both programs will detect infections that the other has Quarantined in their appropriate locations. When the PC was reinstalled back early July, everything was working perfectly on return, everything is always tested before returning. If you remember you wanted to install all the programs yourself, "IF" any of those have not gone in correctly for what ever reason or have not updated correctly if updates were available for them problems may arise. Vista is well known for being a bad unstable OS, so the problems may not have been caused by Nod or Super, but by Vista being troublesome. BTW: C:\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe is a legit file in Nod32, its part of the Command Line Scanner. |
wainuitech (129) | ||
| 1293065 | 2012-08-05 11:34:00 | When the PC was reinstalled back early July, everything was working perfectly on return. If you remember you wanted to install all the programs yourself, "IF" any of those have not gone in correctly for what ever reason or have not updated correctly if updates were available for them problems may arise. Vista is well known for being a bad unstable OS, so the problems may not have been caused by Nod or Super, but by Vista being troublesome. I never identified you as the tech who re-installed my system you did that in my previous thread and seem to want to continue to do so despite me starting another thread. As stated above NOD worked for 3-4 days from install. After reboot another 3 days etc. Yes it worked the day I received it back but only for 3 days. I afraid you are not remembering correctly I do not have any programs to install, I certainly do not want to install anything I just don't have the experience. You may have said it would cost me more if you had to install other programs, but if I had them I would paid, such is my lack of installing experience. They always give a choice of options to do and I don't know what they are. The only thing I had to install was the printer from a disc done on 14th, after NOD problem. I am only asking for help from others on the forum to fix this and some other problems. So getting back to my question does anyone think its just safe to uninstall/reinstall NOD32 and not delete the above mentioned trojan files |
ktee (5538) | ||
| 1293066 | 2012-08-06 00:28:00 | Its allways possible that your PC is actually infected, (or could just be false positives). If a NOD32 file is possibly infected, you need to run another 'brand' AV scan across the PC. Try downloading MSSE & run that across the PC . Or the Kaspersky Virus Removal Tool www.kaspersky.com |
1101 (13337) | ||
| 1293067 | 2012-08-06 06:51:00 | Thanks for that. If I can work it out I might try that. Presume I would leave NOD installed but disable it then download another antivirus program?? So far today have uninstalled and reinstalled NOD once leaving Superantispyware there, didn’t work, so then uninstalled SAS, and uninstalled and reinstalled NOD. Made no difference erkn exe still climbing. So far its’ been 3 hrs and the erkn exe (on resource monitor – Memory Commit KB)climbed to 214,944. In 12 mins its increased 8,000 KB. So that will be 40,000 in 1 hour and 960,000 in 24 hrs (I think, not great at maths). |
ktee (5538) | ||
| 1293068 | 2012-08-06 07:22:00 | How many tabs or windows do you have open ? | wainuitech (129) | ||
| 1 2 | |||||