Jump to content


  • Posts

  • Joined

  • Last visited

About Descloix

  • Rank

Profile Information

  • Gender
  • Location
  • Interests
    beta testing

Contact Methods

  • Yahoo
  • Skype

Recent Profile Visitors

612 profile views
  1. Let someone run the file documento.exe on their computer, and honestly write what happened. documento.exe - not Suspicious Objekt, this is totally Trojan.Ransom. I am absolutely sure that this cipher, to extort money from ignorant people. And the business version of the antivirus did not see it.It’s just a huge shame for the reputation of the company that puts advertising banners in Germany at the Bundesliga matches. Specifically - at the matches of Borussia Dortmund. BitDefender
  2. You must be ashamed. I will send a copy of the black screen to office ESET but asking me to pay for decrypting my computer files. This happened after launch DOCUMENTO.EXE (documento.exe) This virus completely destroyed all the disks on the computer. All information was encrypted. And for the decryption they asked for 734 dollars. Tomorrow I will remove ESET from my computer and install an antivirus that is looking for something in file firefox.exe, nightly.exe, and opera installer. I will put an antivirus with a powerful cloud service, which will remove or place any suspicious file in the sandbox. Kaspersky, Norton, Malwarebytes, Zemana,
  3. adelantado.dll - a variant of Win32 / Injector.EHZT trojan was inside the archive along with other files that were in different directories and even in the registry. the virus was in file "Documento.exe" - he infected memory and changed registry keys, he was in directories Roaming, Temp, Windows > Tasks, Roaming > Microsoft > Cripto. That is why he infected the computer's memory and files from various directories.
  4. Once again. https://imageban.ru/show/2019/09/26/e137d33ae8e08e0aedcb3e5a9327e298/png Again Microsoft, McAfee, AVG, Avast, Sophos, Fortinet - W32/Generic.AC.4231A6, McAfee - Artemis!BDF54634DDA8, Microsoft - Trojan:Win32/FuerboosC!cl Shame not to include files in extensions .exe
  5. Tell me please when file "Documento.exe" will be detected as a virus. Kaspersky, Microsoft, McAfee a day ago they gave a detection. And many more antiviruses recognized the Trojan in it. This is a real Trojan. ESET is silent when unpacking a file. Norton delete immediately this file.
  6. hxxp://forum.byw.ru content and resourse are must be blocked for visiting
  7. This module collects information about web addresses and their owners. Also this module collects and sells web addresses. Disable antispam. Sent to ESET. My mail should not be read by anyone, only the addressee. This is an article of the Criminal Code on owny countries. It is forbidden you know ESET. Read your license agreement .............
  8. It's just incredible. It's just incredible. My 11-year-old sister knows that ask.com it is rare muck. One must be an idiot to allow to install this toolbar. By the way, virustotal............................................................
  9. In that case, you need to make the module, as it is implemented in Comodo. The program writes that it considers this application potentially dangerous. And this application has helped me many times and has never harmed the system. The problem is that if you have a detect, then there not a choice. The file is immediately quarantined. It would be useful to isolate the file and write Win32 / ProcessHacker.A, then give the user a choice like on the screenshot in the attachment. But only for potentially unwanted or dangerous programs. This does not apply to viruses. The virus must be deleted. I do not have time to unzip and install the program. You immediately delete it. I return it from quarantine, but again I do not have time to add it to the exceptions. It is just necessary to turn off the antivirus.
  10. https://wj32.org/processhacker/forums/viewforum.php?f=5 A legitimate program that has been used by different people for many years to accurately remove processes, rootkits, to track processes and their actions in the system. Absolutely safe. ESET Endpoint Security 7.0.2053.0 delete file kprocesshacker.sys and remove from Program Files program folder.
  11. 1) ip-132-148-197-187.ip.secureserver.net - Are you sure that behind this IP is not a maniac killer or a hacker who collects information? I do not know. It's just numbers and letters. People are behind them. What people? You know? Did you see them? Do you know them? Did you analyze the outbound traffic from computer when an application QTXWPF.exe. is connected to the Internet? 2) QTXWPF.exe - it's just letters. But and I gave you a link(!!!) with a modified file, which is a medium-level threat according to the antivirus company Symantec. Also 24 (!!!) AV company: McAfee, Kaspersky, BitDefender, Avira, Comodo etc. classify this file as a trojan. https://www.virustotal.com/#/domain/www.xyzhosting.net - I saw this link and I can tell you one thing: if 25-30 out of 60 antivirus companies say the virus file, then it is. 30 AV companies correctly identified the virus. At somebody this file is classified as a trojan, and someone considers it adware or malware. In any case, it's a virus. Today, the virus is more and more classified according to behavioral analysis and reputation. This is correct. Because it makes it clear what harm to the person sitting at the computer is doing this or that application or file. Now almost the middle of the 21st century, stealing a password is nonsense. 1 minute - and I'm on the phone recovering the password. The collapse of the system is not a catastrophe. 20-30 minutes - and I completely reinstalled the system. The same amount of time it takes to scan for viruses. All files and programs that harm the system should be considered a threat and the most dangerous ones must be immediately removed from the computer. The remaining medium-risk files should be isolate by means of the antivirus and give the user a choice, warning him. For example P.S. https://www.upload.ee/files/8450398/Network_Booster_1.1.rar.html Symantec delete this file, ESET only block at startup. File connect to internet and It creates traffic. Done.
  12. If the program leaves files of incomprehensible content in various system directories, registers itself in startup and changes the browser's start page, then this is a HARMFUL program. It also creates empty folders and connects to the Internet. In your opinion, is this normal? A person is going to defend his doctoral dissertation, and in it are unclear files, when launching which appear game windows, windows crashes in the system and all those windows and files that I and other people have posted above. Symantec, Kaspersky and F-Secure have detect of this virus or malware. At the top of the Norton Internet Security window written: the file contains a medium-level threat. Name: WS.Reputation.1 It is also written: the threat is eliminated. If an antivirus is not listed in the virustotal, it does not mean that it does not recognize the threat in this file.
  13. This window appeared after the rules of HIPS, which prohibit the creation, launch and modification of any other files and system parameters
  • Create New...