KiloG 0 Posted July 2, 2014 Share Posted July 2, 2014 (edited) I am not sure if this is in the right forum, but two days ago i noticed that sometimes nod32 would be really slow, and even get the 'not working' tag on it. I ran multiple scans and found nothing. I then decided to look at my startup programs and i found this hmemmsk.exe i did a simple search in google to see what it was, and it said 6 other antivirus programs listed it as a virus. hxxp://www.herdprotect.com/hmemmsh.exe-7c58e63407035896aa308b5327d5863ecd281c0e.aspx Why was something in plain view missed by eset? I have already tried manually deleting it but a restart bring the virus back which i expected. how can i get rid of this virus? it seems to be shutting down my eset antivirus which is up to date. Brad Edited July 2, 2014 by KiloG Link to comment Share on other sites More sharing options...
Arakasi 549 Posted July 2, 2014 Share Posted July 2, 2014 Hello, first off delete the registry entry : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run hmemms C:\users\proximedia\msocache32\patch\files\hmemmsh.exe Second, do you have Potentially unwanted options checked in settings ? Also what type of scans are you running ? Have you ran an In-depth scan ? I would highly recommend calling customer care so they can upload samples if ESET did miss the threat. Link to comment Share on other sites More sharing options...
KiloG 0 Posted July 2, 2014 Author Share Posted July 2, 2014 Hello, first off delete the registry entry : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run hmemms C:\users\proximedia\msocache32\patch\files\hmemmsh.exe Second, do you have Potentially unwanted options checked in settings ? Also what type of scans are you running ? Have you ran an In-depth scan ? I would highly recommend calling customer care so they can upload samples if ESET did miss the threat. I downloaded AVG to see if maybe it picked up on this virus, and it did. It seems to be gone. C:\users\proximedia\msocache32\patch\files\hmemmsh.exe everything in the patch file is gone. To be honest i dont mess with the settings too much. sometimes i switch eset to the gaming setting (once a month maybe) but besides that, i love how eset is ALMOST set it and forget it. As for the scan i was running, was the smart scan. Also anything i download i always scan before opening. I am pretty cautious, but i really trusted eset. I have been using them for 6-8 years and i am pretty sure this is the first thing that has gotten through (at least to my knowledge). I really cant complain. Just really curious how something in plain site to me at least, could be hidden by eset. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted July 2, 2014 Share Posted July 2, 2014 Hi again, You can't blame ESET, there are thousands of settings that could have been changed. We would HAVE to take a look to determine what was going on and what happened. Now that you have removed it and its gone, we will never know, and hopefully someone else doesn't catch the threat. Thanks for posting and sharing. Link to comment Share on other sites More sharing options...
KiloG 0 Posted July 2, 2014 Author Share Posted July 2, 2014 (edited) Like i said before i was just curious how it could have missed that obvious one. I made it clear that in the years that i have used this product this the first time i have had a problem, which is a pretty good track record if you ask me. i will continue to use eset for all the PCs' in my house. In the future what should i do so that "Now that you have removed it and its gone, we will never know, and hopefully someone else doesn't catch the threat." doesn't happen? Is there protocol i am supposed to follow when i come across something like that again? Also what kind of scan should i be doing if smart scan isn't enough? Edited July 2, 2014 by KiloG Link to comment Share on other sites More sharing options...
Arakasi 549 Posted July 2, 2014 Share Posted July 2, 2014 Hi again ! Smart scan is good enough, however we would need to look at the settings specified for the smart scan. In-depth scan already has all the necessary settings that are very strong for catching threats, however it will be a very long scan as smart optimization is not included. Follow the directions in this KB for if you catch a threat that ESET can't find : hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN141 Link to comment Share on other sites More sharing options...
rugk 397 Posted July 2, 2014 Share Posted July 2, 2014 (edited) Smart Scan is mostly enough, but you can also make a customized scan and select there "in-depth-scan". It's also good to submit a sample to ESET. You can do this in your ESET software or in the way described by this knowledge base article. P.S: Arakasi was faster... Edit: You can also submit a file directly from the context menu. (see the second screenshot I added) Edited July 16, 2014 by rugk Link to comment Share on other sites More sharing options...
Arakasi 549 Posted July 2, 2014 Share Posted July 2, 2014 A picture is even better ! Thanks rugk Link to comment Share on other sites More sharing options...
Administrators Marcos 4,908 Posted July 2, 2014 Administrators Share Posted July 2, 2014 I'm not sure if it's malware, almost no av detects it after a long time and quite many users have it installed. We'll look into it though. Link to comment Share on other sites More sharing options...
KiloG 0 Posted July 2, 2014 Author Share Posted July 2, 2014 So Marcos, your saying that maybe that wasn't what was trying to shut down eset? It would get to the point where it would stop. When i brought up the task manager eset was 'not responding'. It wouldn't even let me end task. I am stepping out for a few, ill run an in depth scan, and see what it turns up when i return. Thanks for the help, Brad Link to comment Share on other sites More sharing options...
Octavian 5 Posted July 16, 2014 Share Posted July 16, 2014 I have some files that are threats and need to be analysed, Eset Smart Security does not detect these files, where can I post these files? Link to comment Share on other sites More sharing options...
SweX 871 Posted July 16, 2014 Share Posted July 16, 2014 I have some files that are threats and need to be analysed, Eset Smart Security does not detect these files, where can I post these files? How do I submit a virus, website or potential false positive sample to ESET's lab? hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN141 Link to comment Share on other sites More sharing options...
rugk 397 Posted July 16, 2014 Share Posted July 16, 2014 I have some files that are threats and need to be analysed, Eset Smart Security does not detect these files, where can I post these files? Or have a look above... to this and this post. Link to comment Share on other sites More sharing options...
Recommended Posts