Everything posted by autobotranger

  1. I finally decided to upgrade my Windows 10 to the new Fall Creators Update and before doing so I uninstalled Eset NOD32 Antivirus version 10.1.235.1 in order to prevent any potential conflicts during the W10 update. When I concluded that everything seemed in order with the OS after the update, aside from my screen brightness going haywire, I went ahead and installed the new Eset NOD32 Antivirus version 11.0.149.0 (Danish UI) using the Live Installer. The installation was a success and I went on with my daily routines. Though I've noticed something rather odd regarding v.11 and I'm wondering if this is now intended? In any of the previous versions of NOD32, these results, that are files currently used by the OS or other programs ("kunne ikke åbne" means "could not be opened"), were not outlined in red text. For some reason, in version 11 all the results are now marked with red text in the scan logs. Is this intended or is this some sort of an error? It seems odd that all the results would suddenly be outlined in red, usually indicating a warning, when they all used to be simple black (or was it blue? I already can't remember..) text in the previous versions of NOD32. So yeah, in short. Is the new red text intended for all scan results, and not just absolute warnings, or is this some sort of error?
  2. This exact same "bug" also occurs for me, but I'm currently still on NOD32 Antivirus version 10.1.235.1. Never saw this happen in the previous version of version 10. It started after the automatic update to the current version of v10. It sometimes happens when refreshing Live Grid and then it goes back to normal after another refresh.
  3. Hello again. Sorry for the late reply, but life got in the way as it sometimes does. I have now attempted all of your suggestions from the post above, without success unfortunately. This post will be rather long as I have documented the entire run through: I already had my file explorer set to show hidden folders and files. Despite this, GAC_MSIL can still not be found under the specific directory. I even attempted to find it while in safe-mode. I uninstalled the game via the Steam client and ran Ccleaner afterwards followed by a reboot of the system. Unfortunately, the problem still persists, plus a couple of new additions. Though I'm not certain if those are caused from an update I cancelled for the game Team Fortress 2. "Arkivet er beskadiget - filen kunne ikke pakkes ud" can be translated into "The archive is damaged - the file could not be unpacked". I did the following and the system found no errors. Afterwards I scanned with Eset and got the same results as above. This is where things get rather frustrating. I booted into safe-mode and ran system restore as admin as you suggested. Unfortunately I had to try 4 different restore points before Windows stopped giving me the following error message: The text under details basically translates into "Unpacking the file (C:\) from the restore point was not successful. An unspecific error occurred doing system restore." It took until the 4th restore point for the process to be completed successfully. Again, all of this was performed via safe-mode. After the successful system restore point I ran a scan with Eset, but unfortunately the odd entries are still present in the scan log:
In addition to all of this, for some reason, Eset Nod32 Antivirus 9 is now giving me a warning that the program isn't updated. The Windows security centre is claiming the same, but the Virus signature database version appears to be the latest? *EDIT* So it looks like the system restoring affected the clock as it suddenly was an hour ahead. We've very recently had to adjust for daylight saving time in my region. The time on my system is now correct once more, but NOD32 still claims that it doesn't have the latest updates. So all of this is rather mystifying and frustrating. At this point I'm very tempted to get this machine professionally formatted by my local PC guy as that would surely be the end of it? Out of curiosity, should I attempt to update Eset Nod32 Antivirus 9 to the latest version of Nod32 Antivirus 10 and see if it still picks up on all of this? *EDIT* I decided to take a look at my profiles for scanning with NOD32 and I now see that the C:\Windows\assembly\GAC_MSIL directory is visible to NOD32 as shown below. I still cannot get access to this myself as mentioned earlier, but apparently NOD32 can see it and therefore scan it.
  4. It would seem that "C:\Windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll" indeed is listed in the log, but I cannot find that location for whatever reason. Also, I can't believe I neglected the golden rule of mentioning which OS is installed on my system. I'm on Windows 7 Home Premium 64-bit, if that is somehow related to the different locations? That doesn't explain the log though. You can see all the results I'm getting when typing "System.Data.SqlXml.dll" into the search bar on the attached screenshot. Question is which ones to check up on and if this looks right. I'm a little concerned regarding all of this, especially after performing a Google search for deobfuscated.exe and reading some of the results, against my better judgement of doing so.
  5. When I type the underlined "C:\Windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089" from your post into the file explorer it doesn't give me any results at all. However, if I manually navigate from the C:\ Drive, click on the Windows folder, find the folder titled "assembly" I'm getting the list pictured in screenshot 1. If I manually navigate from the C:\ Drive, click on the Windows folder, find the folder titled "Microsoft.NET", then from within that the folder titled "assembly" I see 3 folders titled "GAC-32", "GAC_64" and "GAC_MSIL". In the folder GAC_MSIL there is a folder titled "System.Data.SqlXml" which then contains a folder titled "v4.0_4.0.0.0__b77a5c561934e089" which contains the file "System.Data.SqlXml.dll" pictured in screenshot 2. Is this where I need to be looking SMARTASSEMBLY and the date for System.Data.SqlXml.dll, or am I doing it completely wrong? It's been a long day, so please forgive me
  6. I installed the game via Steam from quite a long time ago, which is why I find these new inclusions in the scan log to be so odd. That and Nod32 suddenly takes an additional 10 minutes to complete a system scan. The issue is that I cannot seem to actually locate "deobfuscated.exe" as a file, so I'm not entirely certain how I would submit it to VirusTotal.
  7. Instead of using a screenshot I should have included a copy&paste of the log file. That'll likely make things more easy to investigate. Updating my first post as well with this:
  8. Thank you so much for the swift reply. "Handlingen kan ikke udføres" is Danish and can be translated to "The action can not be executed".
  9. I just ran a custom full scan as admin with Eset Nod32 Antivirus 9.0.408.1 and found something different in the log file after the scan had been completed. The scanning also took an additional 10 minutes which I found odd. It is the "deobfuscated.exe" and "SMARTASSEMBLY" parts I'm especially concerned with as I have never seen these appear in the log before. Any ideas? EDIT** I neglected the golden rule of mentioning which OS my system has installed. I'm running with Windows 7 Home Premium 64-bit on this machine. After calming down a little and looking at the log file, it seems like this is coming from the video game "Painkiller Hell & Damnation" folder? Log file:
  10. Bumping this thread. After Windows Defender was updated to version 1.231.1698.0 via Windows Update it doesn't seem to alert on these false positives any longer.
  11. I'm running with Nod32 Antivirus 9 version 9.0.402.1 and today I've noticed that a new version is suddenly available for download, the so called version "9.0.408.1", but I can't seem to find any change log for the new version? Plus I thought you were done with new version 9 upgrades after the release of version 10. So in short, what's different in version 9.0.408.1?
  12. Windows Defender has been acting up on my end as well, but it sounds like it's happening to quite a few people as there is an entire thread about the problem over on reddit: https://www.reddit.com/r/techsupport/comments/5ar0fi/window_defender_is_constantly_finding_malware/ Reading through the thread it's evident that Defender is for whatever reason throwing a fit over browser-related shortcuts and even VulkanRT (engine used for video games) and that scans with various Anti-virus software generally come out clean, so it certainly smells like a false positive to me. Defender gave me the exact same warning as Tobijah, but simultaneously also alerted to some of the VulkanRT uninstall files after I logged into Steam. I believe Steam checks for graphics driver updates, hence why it didn't act on Vulkan until then. I've scanned the files with Nod32 Antivirus v9 and Malwarebytes and they all come out clean; the only program that's acting up is Defender. And I certainly trust Eset's and Malwarebytes' results over Windows' inbuilt and less than stellar program. I had to exclude the files in order to stop Defender from constantly popping up as the "disinfect" option in Defender didn't solve it. Sounds like the issue can be solved by deleting the .ink, which I haven't done, and I will certainly not delete anything in the VulkanRT folder in case it breaks anything. I have included print screens of the Defender alerts for this post.
  13. That's good to hear. Thank you very much, both of you, for answering my question. Kudos!
  14. By coincidence I've noticed that the build version of the realtime protection module appears to be quite a bit older than all the other modules. The date for the build version of the highlighted module is dated all the way back from 06-08-2015, while all the other module build dates are from 2016. From a casual observation that just seems sort of outdated and a little odd? I'm not sure if this matters in any way, but I'd just like to verify if this really is the latest version and if my Eset NOD32 Antivirus 9 program is all up to date. *My program version is in Danish, but I'm certain that the experts can tell what the various translations are supposed to be*
      Operating system: Windows 7 Home Premium 64-bit version 6.1.7601 SP1
      NOD32 version: NOD32 Antivirus version 9.0.381.2 (Danish language UI)
      Virussignaturdatabase: 13756 (20160705)
      Modulet Hurtigt svar: 8293 (20160705)
      Opdateringsmodul: 1064 (20160324)
      Antivirus- og antispywarescannermodul: 1491 (20160630)
      Avanceret heuristikmodul: 1170 (20160425)
      Arkivunderstøttelsesmodul: 1251 (20160627)
      Rensemodul: 1123 (20160606)
      Anti-Stealthsupportmodul: 1098 (20160525)
      ESET SysInspector-modul: 1259 (20160406)
      Beskyttelsesmodul til realtidsovervågning af filsystemet: 1010 (20150806)
      Modul til oversættelsessupport: 1500 (20160623)
      HIPS-supportmodul: 1236 (20160704)
      Internetbeskyttelsesmodul: 1256 (20160606)
      Databasemodul: 1082 (20160601)
      Konfigurationsmodul (33): 1240.4 (20160406)
      LiveGrid-kommunikationsmodul: 1021 (20160310)
      Særligt renseprogram: 1012 (20160405)
      Registrering af rodsæt og rensningsmodul: 1003 (20160508)
      Modul for netværksbeskyttelse: 1191 (20160630)
      "Beskyttelsesmodul til realtidsovervågning af filsystemet: 1010 (20150806)" is the one I'm concerned with. Thanks in advance.
  15. Sorry about the late reply. I already removed and reinstalled NOD32 Antivirus v9 this afternoon. Doing so completely sorted my little screw-up with ecls.exe and now it scans without problems in safe-mode. I'll make sure to be very mindful in the future when using the command line scanner so I don't repeat the same mistake! Unfortunately, uninstalling v9 of NOD32 confirmed my suspicion that the new version seems to slow down my system. When I had removed the program everything ran smooth and fast again, but as soon as I reinstalled v9 my system became noticeably slower again. Never had such performance issues with NOD32 until now and v8 ran super smooth. I would like to downgrade to the latest version of NOD32 Antivirus v8 again, just to make absolutely sure that v9.0.318.20 is the culprit for the less than stellar performance. Once I find out I'll most likely create a new thread and hopefully we can figure out why v9 "might" be causing performance issues on my end. Would this be the correct site/link to download the latest build of v8 from or will I need to download it from another page on Eset's site? hxxp://support.eset.com/kb2885/ Also in terms of the new license key system. I already converted my old Username and Password into a license key due to trying v9. How does activating my license on the old v8 work? Will I have to use the new license key or the old username/password system? Many thanks in advance
  16. Thank you Stackz. I was able to start a scan in safe-mode with success using the commands (also looked them up on Eset's website). Unfortunately there seems to be another issue now, and I'm afraid that I might have caused this one. Just as everything was starting to go well, I accidentally marked everything in the command window, the Eset Command Line scanner process and scan results etc, and by a slip of the finger I think it was pasted into the command window. That caused the window to continuously scroll down until I closed it. Now when I attempt to run the line "C:\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe" --help a warning window pops up with the following text: "C:\Program Files\ESET\ESET NOD 32 Antivirus\ecls.exe er ikke et gyldigt Win32-program" (last part translated into English: Isn't a valid Win32-program). The text that appears in the command window is: "C:\Program Files\ESET\ESET NOD32 Antivirus\ecls.exe" --help Adgang nægtet. (last part translated into English: Access denied) I've tried to reboot and enter safe-mode again to repeat the scan, but I keep getting the Access Denied message in the command window now. Edit* Looking at the ecls.exe file now I can see that it has actually been reduced to 0 bytes in size. Trying to click on the file gives me the same error message "not a valid Win32-program" as in safe-mode. Seems like I have managed to break/corrupt it with my "little slip-up" in the console window. Screenshot attached. At this point it would probably be for the best to fully remove and reinstall NOD32 v9.
  17. Think I have found the ecls.exe file (screenshot attached) in the Eset NOD32 Antivirus folder in programs. That would be the correct location for the command line scanner? When I boot into safe-mode and click on it and try to run it the command window does pop up, but for less than a second, then it just disappears and nothing happens. Same result if I attempt to run the ecls.exe file as Administrator. No sign of a running process when looking at the Windows task manager either.
  18. The method I described before always allowed me to scan while in safe mode. Where do I have to look to find the command-line scanner ecls.exe exactly? Thanks in advance.
  19. I'm planning to reformat my computer in the near future, so I decided to upgrade from the latest version of NOD32 Antivirus 8 to NOD32 Antivirus v9 (9.0.318.20) so I could test it out before reformatting my computer. And to make sure the new license-key system would actually work, and it worked like a charm and activated just fine. But I'm glad that I decided to test out v9 before reformatting as there seems to be an issue? What I'm noticing now is that I can't seem to scan my system while running Windows in safe-mode anymore. I actually tested out this feature before uninstalling v8. Scanning in safe-mode worked perfectly in v8 like it always did. Now with v9 nothing happens when I try to scan while in safe-mode when I click on Eset NOD32 Antivirus in the Start menu, even when trying to run as Administrator. Sometimes it seemed like the mouse cursor would quickly change to show it's in the process of loading, but nothing happens. I've also noticed that opening programs and sometimes even the task manager can take a while; things seem a bit slower. Whether that is due to NOD32 v9 or the latest bunch of Windows Updates I can't say. Some additional details: I'm running Windows 7 Home Premium 64-bit with the latest Windows Updates installed. I downloaded the Live Installer from Eset's website, but I didn't install it on top of v8. Instead I removed NOD32 v8 completely, rebooted and made sure everything was in order, then rebooted again so I could do a clean install of v9. NOD32 v9 shows no signs of infection for my system. Neither does Malwarebytes Anti-Malware (free version used for on-demand scans only) and Windows Defender also claims that I'm clean.
  20. I'm thinking of investing in Eset Mobile Security for Android. I've noticed the recent thread on this board about EMS Anti-Phishing not working for the Firefox browser. So, does Anti-Phishing work for the Google Chrome browser in Android? And do EMS's other functions such as real time protection also work for Chrome? I never use the default Internet browser for Android, only Chrome. I just need to know if EMS will keep me safe as I surf with my preferred mobile browser. Basically, what works and what does not work. According to the product information on Eset's website it seems that the Firewall isn't supported for Android, but everything else on the list of features is marked. Thanks in advance
  21. There don't appear to be any records of application crashes. Everything seems to run fine and NOD32 hasn't generated any more dump files ever since my original post. I will bump the thread if it happens again. Thanks for all of the help
  22. I sent you another private message a few days ago, Marcos.
  23. Do I have to include the dump file I found in the root of my C: drive as well or just the 6 files in the Diagnostics folder? Also do you have a recommendation for somewhere to safely upload the archives? Uploading files is not something I have ventured into much, except photos on Flickr. I wouldn't know what to pick and what to avoid in terms of websites.