egui.exe quarantined

Discussion in 'ESET Smart Security' started by Jenee, Jan 29, 2008.

Thread Status:
Not open for further replies.
  1. Jenee

    Jenee Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    185
    Ran an in depth scan and ESS quarantined egui.exe.
    The result of this is that after a restart the icon no longer appears in the system tray and when trying to use Program Files to start ESS, windows says it cannot find egui.exe. If I go to the ESS program folder and double click on egui.exe, ESS appears in the tray. I have uninstalled and reinstalled ESS and it continues to quarantine egui.exe.
    Does anyone know why this is happening and what I can do to fix it.
     
  2. ASpace

    ASpace Guest

    Well , make sure your ESS is updated - now 2830 .
     

    Attached Files:

  3. Jenee

    Jenee Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    185
    It is definitely up to date.
     
  4. ASpace

    ASpace Guest

    Can you go to the Setup and disable Antivirus/antispyware protection (them only , not the firewall) .

    Turn to Advanced Mode , goto Tools -> Quarantine and restore the file.

    Then submit it to ESET (submit as Attachments in email egui.exe from C:\Program files\ESET Smart Security\) so that they check if it is actually legitimate one

    Can you also upload it to VirusTotal , just in case .

    Then again goto Setup and enabled the protections
     
  5. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    what virus ess detect in egui.exe
    it must be file infecter
    eset have to make Self Defence for eav and ess
     
  6. Jenee

    Jenee Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    185
    I found out what the problem was and have just posted this in another thread about Vundo.

    "I had a PC that was infected with Vundo. The correct name is Win32/Adware Virtumonde.CLI. It infects the system through the installation of Winfixer. It is the hardest thing to get rid of but fortunately, with perseverence, ESS will get rid of it. If ESS is installed on a system that already has this trojan then it modifies the egui.exe file. ESS then quarantines egui.exe so there is no ESS icon on startup.
    I ran the PC in safe mode, ran a scan whcih quarantined all the nasties, replaced egui.exe with a clean file, removed the trojan entries from the registry, restarted the pc again in safe mode and ran another scan. Finally fixed."
     
  7. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    eset need urgent self defence in eav and ess
    one i was infected by virut same thing happened
     
  8. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    So the virus was already on your box when you installed ESS? Or did it slip by ESS?
     
  9. Jenee

    Jenee Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    185
    The virus was already on the PC before ESS was installed. The person who owned the PC had already spent several hundred dollars with a PC repairer to try and fix the PC and was told it was clean but it still had problems again. I installed ESS on the PC to try and rid the infection. The fact that egui.exe appeared to be infected was not a problem as it is only a program viewer and ESS was still running properly. The owner of this PC has now purchased ESS. The PC had antivirus, firewall, several well known spyware checkers installed, some of which had identified the trojan but could not get rid of it.
    Google the vundo virus and you will see how many people have had it and how difficult it has been for them to get rid of it.
    I am totally sold on ESS after this.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.