Nightowl

Most Valued Members
  • Posts

    1,857
  • Joined

  • Days Won

    17

Everything posted by Nightowl

  1. When ESET detects something and no action is selected, it will go into Quarantine unless you told it to ignore the file, but the Trojan that you are talking about should make some changes to the hosts file to prevent AVs from connecting to their update servers.
  2. Restoring the PC to an earlier state won't help, right? EDIT: No, I don't think that would help, because Windows will restore system files to an earlier state, not the personal files. I've searched for a decryptor but unfortunately there isn't one, but with time someone will make one.
  3. But when the PC is in safe mode, a lot of other things will not run, among them the Anti-Virus. Being in Windows in normal mode with the AV not enabled (Realtime disabled), does it help?
  4. I have the same thing with my Nod32, a lot of "unable to open" reports, but I can understand that because the scan is not running as Administrator as far as I know, and AppArmor, if working properly, should block Nod32 from accessing system files in order to isolate the system; this is AppArmor's job. Nod32 is not configured to work with AppArmor, it's not supported. I wish it were supported, so there would be fewer problems.
  5. I am sorry, I wasn't aware that it's not available in the Home edition; somehow Microsoft will force you into the update in the end.
  6. ESET is great, I have been using it for a long time. As for drivers, most of these driver software tools tend to make you download their installers or install some kind of unwanted software on your PC. You can keep an eye out for drivers for your system on the manufacturers' websites or through Windows Update, if there is a driver update available through Windows Update. For the graphics card, your Nvidia/AMD card's software will tell you when to update drivers, and so on. You could use CCleaner for clearing the registry without worrying about some bad software, because CCleaner is trusted and used by a lot of people.
  7. Once you go there I think there is an option to reset/clear the logs somewhere.
  8. Thanks for telling me about WSL, I had never heard of it before. I was just trying to help you with my suggestions but it seems that I didn't; well, at least I learned something and I will take a look at WSL.
  9. Just roll back to 1803. In the Windows Update settings you have the option for Semi Annual Channel (not the targeted one), which means that you will receive the update once it's approved for Enterprise use, just like when they updated to 1803 they just affected the microphones.
  10. Why are you using software like Driver Easy? Get rid of it and try to get to know the hardware that you use; then you could use Google and the manufacturers' websites to find the drivers for what you want, or do a Windows Update and let it download the drivers, and then use the Device Manager or CPU-Z/GPU-Z to find details about your motherboard, CPU, etc.
  11. Where did ESET find these files? In the cache of the browser? Virusradar has no description for this trojan yet; I found a description for one that ends with .DJ instead of .DP: https://howtoremove.guide/jsextenbro-agent-dj-trojan-virus-remove/ According to the Microsoft description for the same name but a different ending, the trojan, when active, prevents your PC from accessing update files through the hosts file in Windows, "%windir%/system32/Drivers/etc/hosts". Please take a look at your hosts file and check if it has been modified by the trojan. For the best measure, keep the trojan in Quarantine for now until you make sure whether it's a trojan or a false positive, so that you will be able to restore it (if you are interested). I also found this from Sophos: https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Troj~Agent-DP/detailed-analysis.aspx You could find more information there to help you determine whether that was a false positive or not. All of the sites that I have searched say that this trojan, once active, will change the hosts file in order to prevent you from communicating with the servers of the AV that you use, but one thing that is missing from the list is the ESET servers. According to Sophos, the trojan will try to terminate your AV; the list is on their website, but egui is not among them, so it shouldn't be terminated, because the trojan won't look for it, because it's not made to look for it, and even in the hosts file it's not in its design to block ESET updates. Please do check your hosts file to determine if the trojan was running before.
  12. Why don't you install Ubuntu/Linux as a virtual machine and use the terminal from there, instead of that software which emulates a terminal on Windows? But if you feel that you don't want to stop using that software and don't want to go for a virtual machine, and if you trust yourself with what you are doing in that emulator, then you can exclude it from being scanned until ESET provides you with a fix, so you can use it quickly while ESET is still monitoring your system.
  13. Doing so, ESET will stop scanning Firefox and Thunderbird in real time. Enabling the real-time scan will make them not work properly?
  14. You should report that to Palo Alto so they can check why they are blocking ESET update servers.
  15. I don't know, I thought 'one' should be more careful when releasing something to millions of people. But whatever, it's not my issue and Microsoft isn't mine.
  16. It's funny that you pay for an operating system that will provide you an update to make it more stable or more secure or reliable or whatever you want to call it; instead it crashes your PC and removes your data, and then you should expect the user to be happy because they will offer me data recovery applications? Well, these tools are widespread across the internet, but who wants to spend hours trying to restore GBs of data because of the fault of someone else who decided to release an update that broke systems? Well, that's not how a giant corporation acts; you shouldn't release anything to the public if it will make a mess, you should keep testing until you realize, oh wow, we could get it out.
  17. Nothing criminal indeed, but when you value the system that you use and the files that you store in your system, you expect a corporation that is as big as Microsoft to release something that is stable and won't cause you data loss just because you have decided to stay up to date.
  18. Microsoft has stopped the update from rolling out to people due to the problems that people are experiencing with it. Funny, ain't it? They still can't make a stable update. You could at least delay that in the future by switching to Semi Annual Channel in the update settings, which delays the update until it's approved for mass use.
  19. How did you know that these doc files are infected? What made you think that they are infected?
  20. For now, as far as I know, no. You could exclude Chrome from being scanned by ESET, or you could switch to another browser like Firefox or Palemoon.
  21. It might be because NOD32 is trying to scan and access Chrome and Chrome is preventing it, so it's crashing in the end. You either exclude Chrome from ESET to make it work temporarily until someone manages to make a fix for it, or you switch to Firefox, but as you have said Firefox won't work. You have Opera as a choice, or Palemoon, which is based on Firefox (old Firefox) but its security updates are taken from Firefox itself.
  22. Is this what you are looking for? https://support.eset.com/kb5956/?locale=en_US&viewlocale=en_US
  23. Setting the rule in AppArmor to allow ESET won't help? I guess it's having trouble with this problem and my problem posted earlier in the forum; won't it get fixed if we allow ESET in AppArmor? Because Ubuntu now uses AppArmor and other Linux distributions will use SELinux, so it will be the same with AppArmor or SELinux.