Removing kernel drivers from NOD32

Discussion in 'ESET NOD32 Antivirus' started by SamSpade, Dec 3, 2007.

Thread Status:
Not open for further replies.
  1. SamSpade

    SamSpade Registered Member

    Joined:
    Oct 22, 2006
    Posts:
    415
    I have been having some extended boot times since around the time I trialed nod32 v.3 a month agao. It now takes about twice as long for my machine to boot down -- empty wallpaper stares at me for a minute -- and boot up -- with the "Welcome" screen making for symmetrical balance by its own one-minute show.

    I have tried to completely remove all traces of nod32 from the registry and have succeeded except for the kernel drivers, which won't budge.

    Is there any way to safely remove these driverso_O



    //
     
  2. Yakumo

    Yakumo Registered Member

    Joined:
    Mar 22, 2003
    Posts:
    8
    the nod32 v3 kernel service is called 'ekrn', the http service is 'EhttpSrv'

    both services are in "\Program Files\ESET\ESET NOD32 Antivirus\" if you used the default install directory.

    start a command prompt start -> run -> type "cmd" (enter)
    or in vista start -> type cmd (into the start search, not a run prompt) and hold left shift, and left control as you press enter to get an administrator cmd prompt.

    then in the command prompt :

    sc stop ekrn
    sc delete ekrn
    sc stop EhttpSrv
    sc delete EhttpSrv

    will remove the services completely, and you'll then be able to delete the files from the eset install directory.
     
  3. SamSpade

    SamSpade Registered Member

    Joined:
    Oct 22, 2006
    Posts:
    415
    Thanks, Yakumo. I did as you suggested and well, I didn't have either of those services running or installed. So, I guess that hasn't been my problem.

    Back to the drawing board....


    o_O


    |||
     
  4. Yakumo

    Yakumo Registered Member

    Joined:
    Mar 22, 2003
    Posts:
    8
    Try having a good look at what's loading up on your system with 'autoruns' from sysinternals (free)

    you can learn a lot about what's currently running with process explorer and process monitor from there also.

    In all cases be very careful if you remove/edit anything unless your absolutely sure of it's function.
     
Thread Status:
Not open for further replies.