Memory leak

Discussion in 'ESET NOD32 Antivirus/Smart Security Beta' started by Hagla007, Jun 30, 2011.

Thread Status:
Not open for further replies.
  1. Hagla007
    Offline

    Hagla007 Registered Member

    I was testing the Nod32 RC out on a heavily infected machine. The HIPS was messed up. It was constantly popping up. During the scan Eset used almost 100% of the CPU. In addition, it couldn't get rid of a Win32/Patched.GC trojan.

    http://imageshack.us/photo/my-images/268/esetcpu.jpg/
  2. Galaxykiss
    Offline

    Galaxykiss Registered Member

    scan in safe mode please
  3. agoretsky
    Offline

    agoretsky Eset Staff Account

    Hello,

    Did you try scanning from an ESET SysRescue disc? If so, did that make any difference?

    Regards,

    Aryeh Goretsky
  4. Marcos
    Offline

    Marcos Eset Staff Account

    The title of the thread is "Memory leak" but I don't see any such indication / evidence in your post.
  5. Hagla007
    Offline

    Hagla007 Registered Member

    Since this happened in a virtual machine, I don't really care so much about it. I won't scan with a SysRescue disk.

    Marcos, maybe the title of the thread was wrong. However, the CPU-usage is extremely high, and it almost makes the computer freeze. I don't know if it was "fighting" with another process to get high CPU, but if you look at the picture, there is a process called "ssdapi5.exe". It's a malware which, along side with Eset, trying to "use the most CPU". It was either one of them who used 90+% CPU.

    I just want to say that Nod32 did a good job by detecting malware. Over 3000 pieces of malware, or tracks, was found. Good job! And after a full in-depth scan, it got rid of the ssdapi5.exe, but the Win32\Patched.GC is still there popping up all the time.
  6. Marcos
    Offline

    Marcos Eset Staff Account

    Patched files are usually uncleanable / irrecoverable and need to be replaced with a clean copy of the files.
  7. Hagla007
    Offline

    Hagla007 Registered Member

    I submitted the file anyways. ;)
Thread Status:
Not open for further replies.