スパイウェア除去ツールである、SmitfraudFix が、NOD32によって消去されてしまう件。
常時監視を無効にしてあげると動作します。
SysInternalsのFileMonでログをとってみた。
時刻とかは省略。
これって報告した方がいいかなぁ。Esetに？

explorer.exe:1220 CREATE C:\SmitfraudFix.exe SUCCESS Options: Create Sequential  Access: 00130196 
explorer.exe:1220 QUERY INFORMATION C:\SmitfraudFix.exe SUCCESS FileFsAttributeInformation 
explorer.exe:1220 QUERY INFORMATION C:\SmitfraudFix.exe SUCCESS Attributes: A 
explorer.exe:1220 SET INFORMATION  C:\SmitfraudFix.exe SUCCESS Length: 1038438 
explorer.exe:1220 SET INFORMATION  C:\SmitfraudFix.exe SUCCESS FileBasicInformation 
explorer.exe:1220 WRITE  C:\SmitfraudFix.exe SUCCESS Offset: 0 Length: 65536 
（中略）
explorer.exe:1220 CLOSE C:\SmitfraudFix.exe SUCCESS  
nod32krn.exe:376 OPEN C:\SmitfraudFix.exe SUCCESS Options: Open  Access: Read 
nod32krn.exe:376 QUERY INFORMATION C:\SmitfraudFix.exe SUCCESS Length: 1038438 
nod32krn.exe:376 READ  C:\SmitfraudFix.exe SUCCESS Offset: 0 Length: 511 
（中略）
nod32krn.exe:376 OPEN C:\SmitfraudFix.exe SUCCESS Options: Open  Access: 00100180 
nod32krn.exe:376 SET INFORMATION  C:\SmitfraudFix.exe SUCCESS FileBasicInformation 
nod32krn.exe:376 CLOSE C:\SmitfraudFix.exe SUCCESS  
nod32krn.exe:376 OPEN C:\SmitfraudFix.exe SUCCESS Options: Open  Access: Delete 
nod32krn.exe:376 OPEN C:\SmitfraudFix.exe SUCCESS Options: Open  Access: 00100080 
nod32krn.exe:376 QUERY INFORMATION C:\SmitfraudFix.exe SUCCESS FileInternalInformation 
nod32krn.exe:376 CLOSE C:\SmitfraudFix.exe SUCCESS  
nod32krn.exe:376 DELETE  C:\SmitfraudFix.exe SUCCESS  
nod32krn.exe:376 CLOSE C:\SmitfraudFix.exe SUCCESS