Constant Alerts after Adobe Update

Discussion in 'ESET NOD32 Antivirus' started by 00Scud00, Jun 29, 2013.

Thread Status:
Not open for further replies.
  1. 00Scud00

    00Scud00 Registered Member

    Joined:
    Jun 22, 2013
    Posts:
    2
    Location:
    United States
    Following a reboot a few days ago I was prompted to update Adobe Flash, nothing unusual there. After the update however I started getting alerts from the real-time protection saying that files were being modified by smagent.exe (located in C:\users\Mike\AppData\Roaming\Adobe\Acrobat\10.0\) and saying that it was probably an unknown CRYPT.WIN32 virus. I can shut down the smagent.exe and the alerts will stop, however that file comes up as clean when scanned by NOD32, only the files it touches come up as infected, mostly innocuous stuff so far, nothing I'd really miss. I did some searching but came up with nothing that sounds like what I'm dealing with.
    I'm running ESET NOD32 Antivirus 6 (ver 6.0.314.0) on a Windows 7 x64 Professional machine.
     
  2. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    That's odd. As far as I know, it's been nearly a month since Adobe updated Flash, and two months since an update for Reader appeared. I do not think ESET has any any reports like yours since then.

    Can you provide us with a screenshot of the message, or copy it out of your log file?

    With that information, we will have a better idea of how to proceed in troubleshooting this issue.

    Regards,

    Aryeh Goretsky
     
  3. 00Scud00

    00Scud00 Registered Member

    Joined:
    Jun 22, 2013
    Posts:
    2
    Location:
    United States
    Thanks for the reply, here's a text file of the log.
     

    Attached Files:

  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I'd suggest submitting a couple of those files to ESET for investigation as per the instructions here.
     
Thread Status:
Not open for further replies.