The official ESET KB article on what to do if you have a virus suggests using system restore. I have witnessed this occasionally work. I have also heard from the big-name vendors that you should disable system restore to allow any viruses that may lurk there to be disabled. Any opinions on which is correct? Does it depend on the infection? I am currently dealing with a system that did have Security Shield 2011. I killed it in the task manager. A subsequent scan with ESET Online scan found the trojan and deleted/quarantined it.