Jump to content

Search the Community

Showing results for tags 'malware'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • ESET General Forums
    • ESET Announcements
    • General Discussion
    • Forum FAQ's and Rules
    • Submit a virus, website or potential false positive sample to the ESET lab
    • Quick questions by guests (registration not required)
    • WeLiveSecurity.com
  • ESET Home User Products
    • ESET Internet Security & ESET Smart Security Premium
    • ESET NOD32 Antivirus
    • ESET Cyber Security (for Mac)
    • ESET Cyber Security Pro (for Mac)
    • ESET NOD32 Antivirus for Linux Desktop
    • ESET Products for Mobile Devices
    • Web portals
  • Malware Detection and Cleaning
    • Malware Finding and Cleaning
    • ESET Standalone Malware Removal Tools
  • ESET Business User Products
    • ESET Cloud solutions
    • ESET Endpoint Products
    • ESET Products for Windows Servers
    • ESET Products for Linux Servers
    • ESET Products for Mobile Devices
    • Remote Management
    • ESET Enterprise Inspector (EDR)
    • ESET Products for Virtualized Environments
    • Encryption
    • ESET Licensing for Business
    • Other ESET business products
  • ESET Beta Products
    • ESET Beta Products for Home Users
    • ESET Beta Products for Business Users
  • Slovak and Czech forums
    • ESET NOD32 Antivirus, ESET Internet Security a ESET Smart Security Premium
    • Produkty pre mobilné zariadenia
    • Vírusy a iné hrozby
    • Ostatné


  • Files
    • Early Access
    • EES / EEA 9 BETA
    • Miscellaneous

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. Hi there, I have ESET Internet security for a long while and update it consistently, but recently I've got a strange malware named bwplayer, As I searched google, there was a guide how to remove it on Microsoft forum Accordingly I did a full scan, and it didn't find out anything, I also tried online scanner but it didn't detect anything neither. I checked the list of installed apps on OS and there was nothing suspicious, I trust all the apps there. Any advice? All the best
  2. Does ESET Cyber Security only detects OR removes the OSX.Proton malware found in Eltima Software some days ago? Thanks for any information you can provide me Came
  3. the sample which i have provided can easily tell the password of ones wifi connection and sometimes of their router too. I guess detection is needed for this.\ the file named - WiFiPasswordRevealerInstaller ,when you will scan on virustotal does not shows any danger, virustotal shows it as a clean file, but personally if you will install the file and run the file then you will come to know that it can reveal your wifi password. https://www.virustotal.com/#/file/6f37eda632e5bf3bf4db10f9a635dae20714b16fe9200bf25fe390d8a40120be/detection WiFiPasswordRevealerInstaller.zip
  4. https://www.onmsft.com/news/wikileaks-releases-cia-spyware-known-as-athena-that-targets-all-windows-versions-from-xp-to-10 https://wikileaks.org/vault7/#Athena First link mentions it as spyware though the malware itself may be different. Documents and the rest are in the second link. Now if you really want to avoid this, just install Windows 98
  5. Hello, i want to ask you about the tragedy of Ransomware Wannacry. I was reading on TEKNOLIME about how to remove the ransomware wannacry but after that, thehacernews (CMIIW) was share if there is ransomeware Wannacry v2.0? maybe anyone can tell me that its true or not? thanks
  6. Someone has created a phantom account on my computer. I have tried many times to remove the phantom account but it keeps coming back. I live alone and no one else has access to my computer, I do not allow anyone to access my computer. the account name is weird. I'm I have no idea how this person obtained access to my computer and I need help removing it from my computer. I also notices some files were created that have the phantom account name in them. The phantom account name is ktsxoniqjihq. Can anyone help me with this issue. No one has stolen my computer its a desk top and I'm using it right now. I have tried to used the snip it tool to show you but that tool doesn't seem to want to work for me.
  7. Hello dears my name is Masen In this Time there is not any trojan/spamer/malware in my website. but my website is in NOD32 blacklist yet two days ago i was sent an email to samples@eset.com with ScreenShot but yet my website is in blacklist please Guide me
  8. anybody can help me? i'm owner from .... Indonesia, and i use eset node 32 for my antivirus, but why my pc always attack by malware? can u help me to fix that malware with eset? Thanks before
  9. So, Windows Defender has been throwing this at me recently. "BrowserModifier:Win32/SupTab!blnk" I looked it up and Windows Defender is supposed to be able to take care of it but that isn't the case as it comes back within seconds of its alleged cleaning. I've run ESET scans a few times, I made sure to do a thorough scan as well and it DOES find what I believe it said was a Trojan but I think it has trouble deleting it. Even when it finds it and says it deleted it it still comes back. Could anyone help me figure out how to fix this?
  10. Hello, I am having some issues with a threat dialog box which appears often, however the Eset scan does not seem to detect anything that it can quarantine and clean. Could you please help me solve the issue? Thank you. VB
  11. I keep getting the dialog box that WIndows has detected an IP Conflict. I have no idea what the conflict could be. Could I have a virus? When I click on the word Computer, it gives me the IP address The router IP address. What should I do? I have run the scans, and I find nothing. Cheryl
  12. Hi guys, I recently booted windows and I say windows update running. Since I have it controlled (no automatic updates) I thought this was strange. I thought that it might be some forced update from MS or something so I went to the controllpanel inorder to check what was installed. It says silverlight. But I know that I do not have silverlight on my computer, so why would it update something..it does not have. So I ran eset (swedish version) I found this: Logg C:\Documents and Settings\All Users\Piriform Ltd\CCleaner\\اسم مجلد اختار اي اسم لا يهم\windowsupdate.vbs - VBS/Kryptik.ET trojan - rensad genom borttagning [1] C:\Documents and Settings\All Users\Piriform Ltd\CCleaner\\اسم مجلد اختار اي اسم لا يهم\ccsetup500.exe = NSIS = PF-Toolbar-W78.exe - är OK I manually removed Piriform Ltd and sub dictonaries after that.I used google translate inorder to translate "اسم مجلد اختار اي اسم لا يهم" and it turns out that it is "Chose any folder name does not matter \ name" So my suspension is that a script kid used a tool for the infection. Somebody in a rush since they did not name the folder either. How can this been transmitted? I have never seen anything like it. Have you?
  13. Hello, My Name Aris from Indonesia. I am very sad, because my data komputer lost. All file have change to cerber.3 extention. Help, please give me a problem solving to my problem. Thanks.
  14. Dear Team There Is Continuous popup Win32/TrojanDownloader.Waucho detects In memory. even after scan with online scanner in safe mood and also with ESET SysRescue Live. problem is same . screen shot attach with this. how to clean this infection. kindly help us. Thanks and regards. Harshad Mistry
  15. I pushed WPS button on modem not knowing what it was so I did research (which I probably should have done first) and discovered that I may have made myself vulnerable to a "brute force attack". Well anyway I don't know if it is coincidence but now my firefox browser wont let me access certain websites like my email or play utube videos and I am getting "You are not secured". My other browser "edge" will let me. Further research while trying to find a solution to FF browser says certificates might have been changed by a third party and just waiting for me to allow them to be recognized thus letting them into my computer/network. How close would a device have to be to what I am assuming is being recognized by my modem/Wi-Fi. and what I am also assuming access to the info on my laptop. So now I do not dare to try and get to my financial institution website on either browser. How can I tell if I have been compromised? If I take my rented modem/Wi-Fi and trade it in for a new one with a new network name and password will I be secure again? Does that make sense? Like my name says I am not computer tech savvy. Would greatly appreciate and thankful for any help.
  16. I received a message "virus a variant of JS/Danger.ScriptAttachment Trojan) 611704722.tiff Eset recognized and it's in my inbox. What should I do? Is it safe to just delete the message?
  17. This has come up before but I am bringing it up again because it is an important topic. Is there a way to exclude detected hashes in endpoint products either directly in the endpoint or via remote administrator? We have some code and programs being popped as malware that does not live in one specific directory. ERA detects all of the hits as the same hash. We would like to exclude the hash as a false positive.
  18. I am excluding and restoring from quarantine via ERA and the local ESET client (6.4.2014.0) tftpd32.exe but as soon as it is restored and excluded either via ERA or the local client, ESET pops it again and sends it back to quarantine. This is also happening on ESET File Security for Windows Servers.
  19. Dear ESET I am the IT manager at MHPS-ZAF and we have been waiting for a signature update in regards to the virus as listed on virus total. We are not able to work as all networks and WAN/LAN connections are down due to the spread of this virus. Please help with any info as I have been unable to contact anyone from ESET since Friday. https://www.virustotal.com/en/file/53ded0c3da41ecacb88815f781512995a1780697540966a9d9dda55f93aef392/analysis/1471777537/
  20. why is eset not detecting this worms? I know that its new but the signature developer must sniff for new patterns. I scan it in virusTotal and its detection ratio is 22/55 so please add its signature on the next virus update engine.... I can't believe eset miss this its my fav antivirus on this digital world!
  21. We have a custom inline script that obscures a mail to address but ESET and some other endpoint products are knocking it down. The code is: <script type="text/javascript"> <!-- var s=" =b!ujumf>#Fnbjm!Tbsbi#!isfg>#nbjmup;tbsbiAtbsbitjohjoh/dpn#?Tbsbi=0b?"; m=""; for (i=0; i<s.length; i++) m+=String.fromCharCode(s.charCodeAt(i)-1); document.write(m); //--> </script> Because we are purposely trying to utilize this javascript, how can we whitelist this? Machine details of the threat are below: [redacted] COMPUTER DESCRIPTION John Ball THREAT NAME JS/Kryptik.AD THREAT TYPE trojan SEVERITY Warning OCCURRED 2016 Jun 2 08:30:18 THREAT HANDLED Yes RESTART NEEDED No ACTION TAKEN cleaned by deleting ACTION ERROR OBJECT TYPE file OBJECT URI [redacted]/test.html CIRCUMSTANCES Event occurred on a newly created file. SCANNER Real-time file system protection ENGINE VERSION 13585 (20160602) PROCESS NAME C:\Windows\notepad.exe USER NAME [redacted]
  22. Hi ESET Community, ESET AU support is taking a little bit longer than I'd like to get back to me (because I'm admittedly rather impatient.) I am currently investigating rolling out ESET EndPoint antivirus to a domain of 50+ computers. We have a document containing what ESET identifies as Win32/Kryptic.EMBF that I'm currently using for testing, as we had a PC recently infected via this document. When emailled to me yesterday, this document was collected from my email and moved to infected items (which I expect). The copy in a folder on my desktop was also picked up and removed when accessing the directory in question. I subsequently installed EndPoint antivirus on my Manager's machine with the same policies, and did the same as a demonstration, however unfortunately, it was not picked up in his email, nor in a folder on his desktop. What is more worrying is that my manager has re-sent the file to me today, and while it was previously detected on this PC, in this case it was not detected by ESET EndPoint Secuirty. I have also saved and opened the infected document with no interference from ESET. No alterations have been made to the configuration of my PC the item has not been marked as safe no directories are ignored Email scanning is enabled Realtime protection is enabled Document scanning is enabled Both PUA options are enabled Detection of suspicious applications is enabled. Scanning the file manually, the log entries are as follows:
  23. Dear All: If this issue is on the forum and been answered, I apologize for duplicating the post but I've used the search tool and not gotten any results. Here are the basic facts: 1) ESET File Security (latest version installed 2 May) 2) Server 2012 R2 3) Clients all Win 7 Ultimate (3) + client Win 8.1 (1) 4) Error - MS Antimalware Real-Time Protection feature encounters an error and fails 5) Only machine affected so far is the client workstation I'm using to logon to the Eset ERA 6) The error is locking up the client and only a hard equipment reboot of the workstation brings back functionality on the workstation Has this been encountered before? I'm posting on the forum as it is Saturday and support is closed on weekends. Note: I'm still grappling with installing this, so far, I have the era up and running on the server, the era agents installed on the clients, and I've set up a group with the clients. I'm about to set a policy for the group to see if that will push out the anti-virus, right now the clients have not received any anti-virus protection that I can perceive. Any help appreciated, Scott Roe
  24. In case anyone is interested, you can boot directly from the SysRescue ISO from a bootable USB drive with persistent updates, by adding it to an Easy2Boot multiboot USB drive (free). See my blog post here.
  25. So, there's supposedly an exploit to Apple Quick Time that has every one, including the government saying we should immediately uninstall Quick Time. From what I understand, the exploit relies on Quick Time (V7.3 and higher) playing content that causes malware to be loaded. I have a number of programs that need to have QT running so I can't really afford to summarily uninstall it. Fortunately, I and the programs I use don't need to use the external-media playing functions of QT. That, and I've disabled it as a default multi-media player in general. My question is what are the known workarounds are available until ESET has either protection implemented or a statement regarding protection availability.
  • Create New...