rugk

Ah... So dkservice.exe belongs to Diskeeper. But to prove this of course the path have to be correct and the file must be one which is installed by Diskeeper. So we need the path and the file itself. The triangle is orange not red. I think such less knowledgeable people wouldn't look at "running processes". Basically you don't need to have doubt. Anyway if you have you can of course research the program. E.g. you can upload the file to virustotal, search for the hash of the file or if you are really not clear what this file is and whether it is genuine ask about it in a forum like this. But like I already said we of course need the file path and the file itself.

OT @SweX Ok that's why I have enabled "Paste as plain text by default" in the options. And in the editor there is also the ability "Paste as plain text" so you can use this. And this "search box copying" rings a a bell to me. But I often use my start menu for this... But where has he copied the text from? I can only imagine a translator tool, but I don't know anyone with these background colours.

Yes, but some times you also have more statuses than only listening for the same process. (So a process is listening on some connections and on some it is connected to an IP) And I want to add that it also should have the possibility to sort it. Actually you can't sort anything there.

If a file is "unknown" it don't have to be malware. Like the word says it is just not known. But to say what the file is you of course have to provide us some more information. At first the file path and secondly the file itself. And if you have very sensitive documents and so on I can only suggest to encrypt them. That's a good first step to secure your data. (another good step is to use 2FA)

Really? Can you send us the screenshot. Make sure you have enabled the following option in the settings:

BTW: The title "I Have To Find One Malware Who Destroys The Eset Antivirus And Which Do Not Make Detect!" implicit you want such a malware. BTW2: Why has the text of the OP such background colours?

But personally under "destroy" I understand a bit more than just a bypass... LOL the malware overclocks CPU and GPU (about 1000%) and then stress them as long as they broke... Ok, seriously again: You can submit a file to ESET using either the kb article Marcos linked to or in the ESET software there: But anyway I'm interested what the malware destroys... At first you could provide us a screenshot if there is anything visible. Secondly you can upload it encrypted (password: infected) to a file hoster and post the download link. If you do so please make it at least unclickable or even better PM it to us (suggestion: Some ESET moderators and me).

Hello, please post this in your already opened topic and don't create a new topic. It would be good if a moderator could merge this topics. So for your issue: What operation system do you use? In Windows XP or below this option isn't available, because if you are already logged in as an admin then it automatically scans as the admin. And just generally: Often a screenshot can be very helpful for other users.

How nice of you to let me now. Because there was no reply from you either in the PM or in the topic, where I posted my bug report first, I thought you are ignoring this error. And so I posted sometimes that you didn't answered me, so sorry for this. But a small reply like "Thanks, we are investigating this." would be enough. So back to you @Kasun K If you know how you can also make dump files of egui.exe and ekrn.exe. So ESET can analyse them. Also a main difference between my and your issue is that - if I understood you correctly - your issue appears everytime if you click on "Scan computer" and mine only sometimes.

Ok God to know... So no site is really "wrong".

Older versions you can download here: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN2885

You're welcome, but "working as intended"? He was able to reproduce the issue so he was able to see what's wrong. He also said that this worked in version 5 (or below), but as I hope you don't want to switch to version 5 because of this so look at the already posted workaround: And the suggestion... is simple : The developers just have to add the some code lines so that the window size/position will be saved before shutdown.

Ok if you think so... But you were too late. @JamesR deleted the links.

That is strange, maybe it depends on the USB sticks. Have you different ones to test it with them or even a different machine (maybe the USB driver are not compatible)?

Oh, noo! What's that for a program? It must use technologies to do so. Just image if a malware do so, changes your proxy to 0.0.0.0 (a non-existing proxy, where you don't get updates anymore) and excludes a malicious website from scanning! Can it - coincidentally - be that this "program" was malware? Anyway if you want to PM it to me (if it's large upload it somewhere) then feel free to do. I can't image that this really works. And I would recommend that you also add @Marcos or another moderator so that ESET also can analyse this.

Okay, this is strange. Maybe it has something to do with the specific camcorder.

16 MB/s mayb is okay, depending on what speed class you have. And what device were you using? And if it was slow in that case, when you had enabled the complete protection then it was fast?

nod32.com.au which then forwards to antivirus.com.au Sounds like I've been going to the wrong site, If you wanted to go to the official site then you were right. But to "speak with URLs": hxxp://eset.com.au/ (or like you added hxxp://nod32.com.au and hxxp://antivirus.com.au [what serious website addresses... ] and even hxxp://www.pro1.com.au/1) is maybe a reseller or a fake website (because I don't want to promise it). hxxp://www.eset.com/au/ (or hxxp://au.store.eset.com/ for the store like @planet stated above) is the real official ESET site. 1: How many domains have they?! And some sites are also redundant....

Can you please censor the links (e.g. lin***.com) or at least make them 'unclickable'. As an alternative you can put the hashes of the files there if you want.

Because this is also a "Security Forum" I thought this could be a thing you are interested in. BTW: For a first look you can watch this funny video. Threema is an instant-messaging-app which sends all data completely end-to-end-encrypted (it uses the NaCL library). The messages, pictures, voice-messages, videos and more are stored on Swiss servers and are deleted if the recipient receives them. Additionally the meta-data is encrypted with a SSL connection to the server. But anyway the handling is very easy. You can write as easy as you can write with any other messenger. E.g to add a contact securely you just have to scan his QR-Code - so that man-in-the-middle attacks are impossible, but if you not have time to meet your friend, even other security levels possible. But - if you want - you can also enable contact synchronisation and you're contacts will added automatically if they added a phone number or email-address. But this is optional! You don't have to add a phone number or your email-address. You can even use Threema anonymously! The phone number and email-adress will be hashed and only submitted through an SSL encrypted connection - but only if you want. They have a clear privacy policy. Even end-to-end-encrypted group chats are possible. Perfect Forward Secrecy is used for the connection between the app and the server. The app is available for: iOS (iPhone) Android Windows Phone And this languages are supported: English German Spanish French Italian Portuguese-Brazil Russian Polish Additionally you only have to pay once and there is no need for a yearly subscription (like in WhatsApp). After 3 years you already saved money!* (compared to WhatsApp) More about Threema on their official website: www.threema.ch Or download it on: Google Play Apple App Store Amazon App Store Windows Phone Store You might also be interested in: Product video about Threema on YouTube Threema - Comparison to its competitors Complete computer encryption with DESLock+ * This may depend on the country where you buy it, what currency you use and how high the prize for Threema and WhatsApp is. You should see this as an approximation.

Without ERA it is impossible. Like I said if this would be possible then also malware could do this. And the program of which you talk I'd like to see...

That is strange, but as a workaround you can also boot from your DVD and create from the booted SysRescue a copy to the USB. (there is an tool included for that) Edit: Added picture to show how.

Of course you can't disable self-defense from the registry. Just imagine if malware would be able to do this! I think the easiest way to configure it would be to export your configuration and import in then in every of your client computers. (I think also "normal" users are able to do this two clicks) Here is where you can do it: But keep in mind that the full configuration is ex- and imported. So also your license data (username and password) and even your firewall/HIPS rules/exclusions and so on.

Without any guarantee, I would suggest C:\Program Files\ESET\ESET Smart Security. Maybe you don't have to exclude all, so maybe only C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (path from a 64bit computer) could also work.

What's that for a website! That site looks like a fake. (e.g. see ESS v6!)@HappyFeet14 Ok I went on the safari trip to this site. From eset.com I choose Australia and I came to this site: hxxp://www.eset.com/au/ Now I looked for your site and I found it: hxxp://www.eset.com/au/support/lost-license/ And yes there is this spelling mistake! But this site seems to be genuine, so you can trust it. But I suggest you to report the spelling mistake to the Australian distributor.