Arakasi

Everything posted by Arakasi

  1. If Windows Defender is compromised, it may be a variant of Sirefef lol. Good luck. I'm sure Peter will get you some much needed assistance!
  2. I am very sorry mayaonline, traditional approach to investigating the false positive is the only method that will work in your situation. These public forums are for the assistance of public and private users of ESET security system software. While sometimes assistance out of scope is provided, customer facing service is better handled by phone or by email. I think we're just a bunch of techs in here doing what we can to help with system related issues and/or questions about ESET products. Good luck sir!!
  3. As I stated here: I run a computer business and receive desktops and laptops on a daily. "Around 20-40 per week" MSE runs good by itself and it's pretty light. ESET runs good by itself and is pretty light. ESET goes after the malicious files and very hard to clean viruses. It thwarts off activity intended to ruin your system or steal information. Due to threatsense, it will detect more in the wild AV than any other AV today. Cookies are not dangerous, nod32 engine does not remove these. ESET does detect and delete most adware if not "ALL" if you are using "Detect Potentially Unwanted Applications" (PUA). ESET supports most versions of Microsoft Outlook. If a virus is attached to a .msg file that is buried within a PST, it is most likely harmless. Until its release upon the system where it is allowed to run its instructions against the file system. The moment you import that pst into outlook, where it will return to .msg format. ESET will either catch that unpacking or it will discover it upon loading outlook or coming in contact with that email, whether it be a send, or a click, or a transfer from folder to deleted items etc. ESET supports Microsoft Outlook via add-in. Going back to your original question.... You may be able to run them both simultaneously, but having 2 real time protections turned on will eat up more RAM, use more of your CPU and if they happen to end up on the same file together, you might experience a lockup or sudden halt due to CPU RAM high or similar to an IRQ trigger. (I have seen it happen) Having both scanning at the same time is not the same as real time protection monitoring and landing on the same file together. I am not bashing Microsoft Security Essentials, simply answering your question and then some, because that is the software I install on computers if people refuse to pay for AV products. I give them a decent Free solution. "MSE". Good luck
  4. If you want supplemental protection with Eset I would recommend the following: Malwarebytes /no PRO version (however I run pro with no issues) SuperAntiSpyware /no PRO version HitmanPro Cylance Works well with ESET Mbam has a beta version of an anti-exploit for common apps that seems to be decent too. It caught 1 attack on IE that I witnessed from java code so I know it has some decent instructions for observing infiltration.
  5. MSE is a real time protection and will not work well with ESET. ESET is by far greater in heuristics and greater at cleaning than MSE. You will take a major hit in system resources and I have witnessed lock ups and problems booting on customer PCs trying to instance their own virus removal. You may be able to install in tandem, but they won't play well together.
  6. If traditional methods cause an error, similar to uninstaller cannot be run, found, or is corrupted and the process gets rolled back, post back here and I'll assist, which would be out of scope for traditional antivirus and more of a PC maintenance issue.
  7. You can trust security companies and their staff whose main purpose is to clean and disinfect systems from ransomware and any malware that is dedicated to malicious intent. *cough* ESET
  8. Marcos or any mod. We have a link again in previous post. Please assist team. Thanks
  9. ESET should clean it for you. With a custom scan, look at your options Jeffrey, see pic below.
  10. Ghali, first try downloading from this link and running: h ttp://download.eset.com/special/ ESETUninstaller.exe (As an exe please put the link together. ESET has this file on the uninstall page below) It is a resource from this page: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN2289&locale=en_US Instructions are provided there for manual removal of the product. If these methods do not help, post back here and I will tell you how to delete manually without software and deleting that system permission folder.
  11. I know some parents like to install keyloggers to keep a parental control and watchful eye on their children Swex. There are some benefits to keyloggers on the opposite end of the spectrum.
  12. Sorry to see you're still at it Swex :/ Let me know if you need some help throwing together any data? What does procex or process explorer say the svchost is coming from? Have you stated multiple cores are blasting at 99%? Or is it hyperthreading CPU? Single core? With HT?
  13. So far I removed CreatorOwner, Users, and Administrators workgroup. I added my current user workgroup and/or my user account so I can continue to modify. Changed ownership from SYSTEM to my user account. Removed inheriting permission so the directory is alone with ACL and nothing's propagated. So far the folder is no longer being modified by the malware, and I will continue to modify to find out what executable or service this malware is using to make changes.
  14. Hey my friends, This post is for Eset staff. I am examining the activities of some malware I found that seems to be performing silent operations I would like to defuse. The malware is creating objects in c:\windows\temp I have started an ACL examiner on the directory for changes. Can someone provide a confirmation on the following and if this is an action that always happens during update: Eset Nod32 ver 7.0.104.0 created temp files during vsd update: C:\Windows\Temp\NSFF577.tmp C:\Windows\Temp\NSFF578.tmp Create event. Change attributes event hidden readonly sysfile & archive. Followed by delete event. Also, if possible, what impersonation and/or acl workgroup can be safely applied to the directory for Eset SYSTEM works "Authenticated Users" works, however I want to remove one and limit the scope of permissions on the directory. I would like to use the group of least propagation or the group Eset uses definitively for the file creation to minimize what possible group or user account the malware may be running an impersonationLevel=impersonate command on. Thanks for any help provided
  15. Thanks a lot for your words. They are really helpful. I just wanted to say that NOD can be better than it is. Obviously some people are not sharing the same perceptions with me. I am really-really sorry about my topic. I should write nothing. Please delete my topic. You don't have to apologize for voicing your opinion sir. Due to nationality or difference in languages I may have misinterpreted your feelings toward Eset and Marcos, it almost sounded aggressive. I would gladly state that our views and opinions on processor affinity and utilizing more cores for apps are one and the same. It is also my belief that Eset has a strong research team that has already thought of your request, and I'm confident they have already come up with pros and cons and the why and why nots. Marcos makes it sound like they understand and have already made alternative solutions and for good reason. You are welcome to post anytime, it creates good debate and we all learn from it. I do feel Eset makes such a good program with no comparison and I wouldn't want to change to another for a processor load scenario.
  16. Well I dunno about drive heads move forth and back, n such ... because I have an SSD sitting on a pci-ex lane. No heads back and forth for me lol. When several NAND chips operate in parallel inside my card, the throughput does scale yes, but the high latencies can be hidden as long as there are plenty of operations pending and the load is evenly distributed. Not to mention the data striping and interleaving that many SSDs now have built into them. Oh, if it's not known, pci-ex also has a striping of data when sending through the links to reduce latency. I may be wrong but I think the 3.0 pcie is 8-16gb/s on the x16. Anyway I'm rambling, but just mentioning I'm not affected by the read write head issue. Did not think of the scanning causing the read heads to swap all over the place, was at the back of mind. Was more about sticking up for you Marcos
  17. Doctor-z LOL You have demands?? Ha You're hilarious. *Munching popcorn* 1. Please read up on how smart scan works for ESET, each scan after the fact will be shorter and faster because if a file's hash does not change, and you have scanned it before, or if the same md5 has been sent into threatsense, ESET's scanner, or ekrn will not scan that file on the next go around, it will skip it, thus reducing the time it takes scans to complete. Some people report scanning 200,000 plus files with eset in less than 2 minutes. As far as your affinity issue concerns, use some logical thinking here if you're a programmer, guess what I am also a developer and I would have much to teach you in programming etiquette if your thinking is as I have observed. Marcos states your problem resolution here: So Open 1 scan task, and scan 25% of your files. (maybe your windows folder) Open a second scan task, and scan another 25% (your program folders) Open a third using 25% (Users and profiles) and a 4th the remaining 25% (another drive or remaining files). The 4 scans would run concurrently and your whole drive would be getting scanned (essentially a full scan), thus each new scan utilizing another core. You would decrease the time you have to wait to finish. If this isn't possible, look into overclocking and change your core frequency to be much higher, thus speeding up your scans. Good day sir.
  18. hxxp://www.bleepingcomputer.com/forums/t/501540/ransomcrypt-dirtydecryptexe-uses-efs/page-11#entry3154366 Lawrence Adams from Bleeping computer has confirmed This MrNobody can restore text not formatting on .doc's infected by Dirty and restore text and formatting on .docx One step in a positive direction for this nasty virus that ruins people's data.
  19. It's all indicative of a failed drive or encrypted drive. I could always be wrong. Dells usually have Norton or McAfee and I don't think those even paired with eset would cause that. Case of bad luck
  20. I think this is a PUP. A few things you could try. Boot to safe mode and run a scan. Start the scan going in eset with option *don't auto clean after scan, then process kill your explorer.exe then process the cleaning in eset and reboot. Manually delete the PUP from the registry in safe mode and delete all files folders associated with it. Then run a reg clean with ccleaner. Before any of this I would recommend following these procedures to help Eset get a handle on it if there are removal issues: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN141&locale=en_US
  21. Dells always always come with a second partition with restore options. If you don't know how to use it call Dell. There is no way eset could have caused what you're describing, let alone a virus could not even for go the damage you're speaking of. You have a hard drive that's going out or is failing 90% so it was bad from factory or your motherboard is bad 10%. Contact Dell or see a local Tech. Good Luck!