Jump to content

Recommended Posts

Posted

Hello,

 

I have a big problem, my antivirus (nod 32) is constantly deleting normal .exe like adode suite, nvidia driver, notepad ++ and many more (like a LOT...).

It is very disturbing because I can't put everything in the exclude list, it would be too time consuming ! I tried to install an other antivirus (avast), and the same thing happened ! So i tought I would probably have a virus... I did a full clean install of windows 10, back to nod 32 and boom, same thing happened ! I managed the antivirus to ask me if I want to ignore or clean if it find something, but in the options I can't select the "add file to exclusion list" option !

 

It very very annoying, maybe it's just a matter of antivirus configuration, but 1-2 month ago, everything was fine (I think it's from the latest big update of windows 10, not sure) I hope someone could help me !

 

OS : Windows 10 x64 Pro

 

Thanks a lot,

 

Axel

  • Administrators
Posted

I don't believe ESET would detect executables of popular applications and nobody else would complain. Please post a screen shot of the alert you're getting.

Posted

Hi Marcos,

 

Unfortunately, this is my case. When I reactivated the antivirus and went to disk local C:, I had about 60-70 alerts of bad .exe, here is somes (attached) :

 

- Photoshop.exe

- Nvidia display driver

- Intel wifi driver

- Uninstaller of the game Trackmania Turbo

- Installer of Trackmania Turbo

 

After that I saw a lot of .exe alerts from nvidia folder, wifi folder, microsoft office, etc

 

Thanks,

 

Axel

post-14866-0-06954400-1481633932_thumb.png

post-14866-0-71452100-1481633932_thumb.png

post-14866-0-42476300-1481633933_thumb.png

post-14866-0-12095100-1481633934_thumb.png

post-14866-0-82101500-1481633934_thumb.png

  • Administrators
Posted

It's likely the variant you have overwrites original files with malware. Have you had ESET installed and regularly updated for a longer time?

Posted (edited)

"you have overwrites original files with malware", do you mean a crack ? Because those exe are not cracked ones (anyway I had a lot nvidia exe alerts, which exe that are not crackable because no need to). My current ESET has just been installed yesterday, because I re-installed windows. But before that, yes I had ESET for a loooong time with no problems ! Now that you say that, it makes me remember that this problem came after I upgrated to ESET nod32 10.

 

Also as you can see in one image attached, I can't choose the "exclude from detection list" option". How can I do that ?

 

Thanks,

 

Axel

Edited by Axel
  • Administrators
Posted

I don't mean cracks. I mean the worm which rewrites legitimate files with its own code. If you installed the operating system from scratch, it must have been that it got infected before installing and updating ESET if the files started to be detected immediately after install.

I would not make any exclusions as it's not a false positive but actual malware detection.

Posted

So even if I installed a new OS from scratch, the malware can stay in the computer ? What do you suggest to do ?

 

Thanks a lot,

 

Axel

Posted (edited)

If you have multiple internal HDDs or an external HDD that is always connected, malware could be present on those drives.

 

Go into Eset scan options. Select advanced scans -> Custom scan. Select "This PC" which will scan everything on your PC. Then run scan "As Administrator."

 

Note: If you have Network drives, make sure all those are also selected.

 

If malware persists after this, you're going to have to use a drive "wipe" utility to thoroughly clean your boot drive prior to reinstalling the OS. Make sure the utility you use conforms to U.S. DoD standards or the like. This will perform multiple passes on the HDD. Obviously, you will have to run such a utility from standalone bootable media such as CD/DVD/or reformatted USB drive. Note: Do not create bootable media w/wipe utility from the infected OS.

Edited by itman
  • Administrators
Posted

You could use a SysRescue CD or USB to scan all your hardrives and other media offline.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...