[ESET Smart Security 7 uses 1,3 GB RAM]

JDownloader2 read/writen

ESET's constant scanning and production of temp files for checking JDownloader's activity would likely be what is causing your excessive memory usage. There's a workaround posted on the JDownloader forums for ESET products, but in my opinion the workaround creates a huge security hole. I'd wait to see what the ESET moderators recommend as the best way to handle the issue.

[Where can you safely download Hiren's BootCD?]

You can download it from hxxp://www.hirensbootcd.org/download/

 

[Win32/Kryptik.BOJT Trojan variant found]

There's a service entry in the registry most likely related to the infection -

Services:

"Windows Management Instrumentation" = "c:\progra~3\etfq4h.pss" Automatic ; Stopped ; ( 5: Unknown ) ;

[What are these detections?]

Arakasi, hxxp://www.malwaredomainlist.com/mdl.php will reveal all without needing to personally do any sort of tracking.

[Ghostly files detected and quarantined!]

Have a look for: C:\Users\[user name]\AppData\Local\ESET\ESET Smart Security\Quarantine\INFO.NQI

[ESS 7 gui "Computer scan" and...]

When I select "Computer scan" in main gui there is always some delay 2~3 sec.

 

I've not seen a delay on any PC when selecting Computer scan.

Was this an upgrade or a clean installation?

[False positive: Kindersicherung 2013 from salfeld.de]

Since they're using MadCodeHook, would it help if the certificates for the 2 files detected were not beyond their valid date?

Salfeld Computer GmbH
Valid from: 1:00 AM July 29 2009
Valid to:   12:59 AM July 30 2010

[ESET Security Warning?]

It looks like a warning from Java Runtime Environment. Refer to: hxxp://www.java.com/en/download/help/appsecuritydialogs.xml

[ESS 7.0.302.0 - anti phishing bug]

Win 7x64 sp1
ESS 7.0.302.0

 

If I select 'Temporarily disable protection', when I re-enable protection ESS is displaying Anti-phishing protection as being disabled. In advanced setup, Anti-phishing protection is still checked.
Is this a GUI bug or is Anti-phishing protection actually still disabled?

[HIPS Log Files]

Do you have 'Log all blocked operations' checked?

Note: only use this for troubleshooting purposes.

[Why is ESET failing so bad?]

I think that it's kind of real-time behavior-based detection component but after Marcos's explanation... now it sounds very limited.

 

I think what Marcos means is that previously this form of memory scanning was only available during startup and on-demand scans. The limitations with this approach is that memory detection is reliant on a single snapshot of the memory.

Now with it being available as a real-time detection, it is better able to detect suspicious and/or malware like behaviour patterns.

[NOD 32 7 beta not recording threats found in threat log]

I would expect that the results of a user initiated or scheduled computer scan would be shown in the Computer Scan log. Showing the results elsewhere wouldn't make much sense to me.

[Files in quaratine]

What is happening when you right-click on an item in quarantine and select 'Submit for analysis'?

[Operating Memory virus help]

There are only 4 files detected as Potentially Unwanted Applications, no sign of any MBR infection.

C:\Users\jeffrey\AppData\Local\Temp\61D0.tmp » NSIS » Script.nsi - Win32/DownloadAdmin.G potentially unwanted application
C:\Users\jeffrey\AppData\Local\Temp\B56D.tmp » NSIS » Script.nsi - Win32/DownloadAdmin.G potentially unwanted application
C:\Users\jeffrey\AppData\Local\Temp\C5FE.tmp » NSIS » Script.nsi - Win32/DownloadAdmin.G potentially unwanted application
C:\Users\jeffrey\AppData\Local\Temp\uttEA7F.tmp.exe » NSIS » SDSPlugin.dll - probably a variant of Win32/Toolbar.Widgi potentially unwanted application

 

Just navigate to: C:\Users\jeffrey\AppData\Local\Temp

Right click on the Temp folder and in the context menu for ESET go to Advanced options ->Scan and clean

Once cleaned, run an in-depth scan. 

[super anti-spyware and malwarebytes/free editions]

Yes, using them on demand will be fine.

[ESS - The never ending update]

No more ESET Wheel of Misfortune.

Current modules for ESS 7.0.104.0 (non pre-release):

• Virus signature database: 8715 (20130822)
• Update module: 1044 (20130708)
• Antivirus and antispyware scanner module: 1406 (20130822)****
• Advanced heuristics module: 1142 (20130712)
• Archive support module: 1174 (20130724)
• Cleaner module: 1075 (20130730)
• Anti-Stealth support module: 1050 (20130807)
• Personal firewall module: 1138B (20130802)
• Antispam module: 1026 (20130715)
• ESET SysInspector module: 1236 (20130614)
• Real-time file system protection module: 1007 (20111129)
• Translation support module: 1110 (20130729)
• HIPS support module: 1093B (20130806)
• Internet protection module: 1079B (20130822)****
• Web content filter module: 1028 (20121113)
• Advanced antispam module: 1446 (20130821)
• Database module: 1037 (20130604)

[Sample Submission for Analysis]

Is there a log for past files submitted ?

Not that I'm aware of, though the best way to submit files is by following the directions at hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN141&actp=search&viewlocale=en_US&searchid=1377139275407&ref=esf

[ESET Smart Security 7 Beta & ESET NOD32 Antivirus 7 Beta Released – Give Feedback and win]

 

Virus database update (last successful update August 19, 2013 1:31:50 p.m.) does not terminate.

Alt+Shift+F4 then launch AV.

 

Unfortunately, exiting the GUI doesn't help. As soon as you relaunch, you see the endless update continuing, so a log off or reboot is necessary.

[ESS - The never ending update]

Refer to my reply at: https://forum.eset.com/topic/330-eset-smart-security-7-beta-eset-nod32-antivirus-7-beta-released-–-give-feedback-and-win/page-13#entry3794

[ESET Smart Security 7 Beta & ESET NOD32 Antivirus 7 Beta Released – Give Feedback and win]

Virus database update (last successful update August 19, 2013 1:31:50 p.m.) does not terminate.

Yeah, I've been stuck with this for the last ~3 hours. The virus signature update completes and then the GUI shows Application Update -> Update Progress 0kb / 0 kb. The only way to stop it is to log off or reboot, though that will only last until ESS next checks for updates.

[start up program]

It's likely an AutoIt v3 Compiled Script supposedly written by Elie Cohen (ESET, LLC) who is definitely not an employee of ESET.
(Just Google Elie Cohen)

Open up task manager and kill the process, uncheck it in msconfig, then follow the instructions for submitting a suspicious file at:

hxxp://kb.eset.com/esetkb/soln141&ref=esf

[Ultracopier/Supercopier]

To submit a suspicious file, website or possible false positive to ESET for analysis, follow the instructions for your issue at:

 hxxp://kb.eset.com/esetkb/soln141&ref=esf

[Ultracopier/Supercopier]

it's my last try before legal action

 

I gather then you'll be taking action against many AV/AM companies.

Removing the potentially unwanted BCMiner should solve you're problem, as long as it's not repackaged with some other PUA or PUP.

[Possible local.db corruption]

Win 7x64

ESS v7.0.28.0 previously occurred on v6.*

Symptoms: slow opening of commonly used applications.

I booted into safe mode and moved the local.db file. All affected applications now respond as expected.

I can provide the local.db file for inspection if required. (~23MB)

 

regards

[The V7 icon is so ugly..]

At first I thought eeeek, but I've kind of become used to the new icon. Also, it's more in keeping with the appearance of the 'e' in the eset logo.