Jump to content

Antivirus constantly deleting normal .exe


Axel

Recommended Posts

Hello,

 

I have a big problem, my antivirus (nod 32) is constantly deleting normal .exe like adode suite, nvidia driver, notepad ++ and many more (like a LOT...).

It is very disturbing because I can't put everything in the exclude list, it would be too time consuming ! I tried to install an other antivirus (avast), and the same thing happened ! So i tought I would probably have a virus... I did a full clean install of windows 10, back to nod 32 and boom, same thing happened ! I managed the antivirus to ask me if I want to ignore or clean if it find something, but in the options I can't select the "add file to exclusion list" option !

 

It very very annoying, maybe it's just a matter of antivirus configuration, but 1-2 month ago, everything was fine (I think it's from the latest big update of windows 10, not sure) I hope someone could help me !

 

OS : Windows 10 x64 Pro

 

Thanks a lot,

 

Axel

Link to comment
Share on other sites

  • Administrators

I don't believe ESET would detect executables of popular applications and nobody else would complain. Please post a screen shot of the alert you're getting.

Link to comment
Share on other sites

Hi Marcos,

 

Unfortunately, this is my case. When I reactivated the antivirus and went to disk local C:, I had about 60-70 alerts of bad .exe, here is somes (attached) :

 

- Photoshop.exe

- Nvidia display driver

- Intel wifi driver

- Uninstaller of the game Trackmania Turbo

- Installer of Trackmania Turbo

 

After that I saw a lot of .exe alerts from nvidia folder, wifi folder, microsoft office, etc

 

Thanks,

 

Axel

post-14866-0-06954400-1481633932_thumb.png

post-14866-0-71452100-1481633932_thumb.png

post-14866-0-42476300-1481633933_thumb.png

post-14866-0-12095100-1481633934_thumb.png

post-14866-0-82101500-1481633934_thumb.png

Link to comment
Share on other sites

  • Administrators

It's likely the variant you have overwrites original files with malware. Have you had ESET installed and regularly updated for a longer time?

Link to comment
Share on other sites

"you have overwrites original files with malware", do you mean a crack ? Because those exe are not cracked ones (anyway I had a lot nvidia exe alerts, which exe that are not crackable because no need to). My current ESET has just been installed yesterday, because I re-installed windows. But before that, yes I had ESET for a loooong time with no problems ! Now that you say that, it makes me remember that this problem came after I upgrated to ESET nod32 10.

 

Also as you can see in one image attached, I can't choose the "exclude from detection list" option". How can I do that ?

 

Thanks,

 

Axel

Edited by Axel
Link to comment
Share on other sites

  • Administrators

I don't mean cracks. I mean the worm which rewrites legitimate files with its own code. If you installed the operating system from scratch, it must have been that it got infected before installing and updating ESET if the files started to be detected immediately after install.

I would not make any exclusions as it's not a false positive but actual malware detection.

Link to comment
Share on other sites

So even if I installed a new OS from scratch, the malware can stay in the computer ? What do you suggest to do ?

 

Thanks a lot,

 

Axel

Link to comment
Share on other sites

If you have multiple internal HDDs or an external HDD that is always connected, malware could be present on those drives.

 

Go into Eset scan options. Select advanced scans -> Custom scan. Select "This PC" which will scan everything on your PC. Then run scan "As Administrator."

 

Note: If you have Network drives, make sure all those are also selected.

 

If malware persists after this, you're going to have to use a drive "wipe" utility to thoroughly clean your boot drive prior to reinstalling the OS. Make sure the utility you use conforms to U.S. DoD standards or the like. This will perform multiple passes on the HDD. Obviously, you will have to run such a utility from standalone bootable media such as CD/DVD/or reformatted USB drive. Note: Do not create bootable media w/wipe utility from the infected OS.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...