Jump to content

Search the Community

Showing results for tags 'removal tool'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • ESET General Forums
    • ESET Announcements
    • General Discussion
    • Forum FAQ's and Rules
    • Submit a virus, website or potential false positive sample to the ESET lab
    • Quick questions by guests (registration not required)
    • WeLiveSecurity.com
  • ESET Home User Products
    • ESET Internet Security & ESET Smart Security Premium
    • ESET NOD32 Antivirus
    • ESET Cyber Security (for Mac)
    • ESET Cyber Security Pro (for Mac)
    • ESET NOD32 Antivirus for Linux Desktop
    • ESET Products for Mobile Devices
    • Web portals
  • Malware Detection and Cleaning
    • Malware Finding and Cleaning
    • ESET Standalone Malware Removal Tools
  • ESET Business User Products
    • Customer Research Opportunity
    • Gartner Peer Insights review invitation
    • ESET Cloud solutions
    • ESET Endpoint Products
    • ESET Products for Windows Servers
    • ESET Products for Linux Servers
    • ESET Products for Mobile Devices
    • Remote Management
    • ESET INSPECT (Detection and Response)
    • ESET Products for Virtualized Environments
    • Encryption
    • ESET Licensing for Business
    • Other ESET business products
  • ESET Beta Products
    • ESET Beta Products for Home Users
    • ESET Beta Products for Business Users
  • Slovak and Czech forums
    • ESET NOD32 Antivirus, ESET Internet Security a ESET Smart Security Premium
    • Produkty pre mobilné zariadenia
    • Vírusy a iné hrozby
    • Ostatné


  • Files
    • Early Access
    • Miscellaneous
    • Outlook plugin BETA
  • ESET Cyber Security 7 BETA
  • ESET Bridge BETA

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






User type

Found 13 results

  1. I have encrypted files with the ending [amagnus00@gmx.org].wallet, is this a new version of the Dharma encrypter? Neither the Eset decrypter nor the RakhniDecrypter helped.Attached is a .lnk file from the infected computer.Is there something I can do?Thank you. [amagnus00@gmx.com].wallet.zip
  2. Hi I'm looking for a way to remove some PUM.Dns infections on a customer PC. Virus Total flags it as a Win32.WisdomEyes.It seems to be uploading data at various times causing up to 100% cpu resources. Eset EndPoint does not pick it up on scan. ADW picks it up and removes some files if the pc is off line but once the pc is back on line back to square one. Any help appreciated.... Just to note customer pc is used from 6am to 10pm 7 days a week with 4 to 6 users. I have tried numerus tools to try to remove it with no success ie. Scan / removal Online - Offline etc. Registry Infections Flagged: [PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{39852A22-795B-43B6-B0DA-5AE8468BCBFD} | DhcpNameServer : ([ireland][ireland]) -> Found [PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{39852A22-795B-43B6-B0DA-5AE8468BCBFD} | DhcpNameServer : ([ireland][ireland]) -> Found [PUM.StartMenu] HKEY_USERS\S-1-5-21-2719048277-607677208-3562655459-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : I have a small Endpoint log that I can PM as customer personal information is prevalent.
  3. Surfing (for a new door) tonight, my wife ran her 64-bit Win7 Ultimate into what's apparently a 'tech help' scam (screen shot attached). Couldn't shut the tab in Chrome so Task Manager-closed the whole browser. Upon reboot began to run NOD32, which promptly reported a blocked boot sector in the logical drive I park data in -- not drive C: but an E: I carved out of the hard drive back when. NOD32 was finding NO infections per se but a lot of corrupted files; so I shut the machine completely down. Before I turn it back on, should I load Eset's ERARemover or what? Nobody in this forum nor webwide is remarking this specific problem set. Thanks in advance for any real insight anyone can offer.
  4. hxxp://www.picklingtank.com/ eset blocking websites - even there is no malware Why it is blocked by antivirus and showing it harmful - kindly check and update
  5. I have a server infected with a ramsomware. ESET File Security has not detected the threat. He renamed spreadsheets (.xlsx) for the .LeChiffre extension. Do you have any removal tool or recovery of files? Thanks. André L.R.Ferreira
  6. Just want to share interesting information: ESET releases new decryptor for TeslaCrypt ransomware hxxp://www.welivesecurity.com/2016/05/18/eset-releases-decryptor-recent-variants-teslacrypt-ransomware/ How do I clean a TeslaCrypt infection using the ESET TeslaCrypt decrypter? hxxp://support.eset.com/kb6051/
  7. I used the ESET SysRescue Live CD recently on a friend's computer which is having issues with someone with malicious intent spying on it and their accounts, but we have no idea how, or if the problem is even linked to malware at all. The scan came up with this one file is identified as a threat: /media/LocalDisk2/Windows/System32/MRT/3AC662F4-BBD5-4771-B2A0-164912094D5D/FilesStash/8084C12D-55D6-8FA0-7260-10BEA64DD6E4 - probably a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application - action selection postponed until scan completion ESET just identified the threat, but I saw no option to clean or delete it. It was a free version, not sure if there is a paid version of SysRescue and whether we need that in order to actually deal with the threat. Firstly, should the threat be removed, and secondly, how? I am not sure if it is possible to actually navigate to any particular file on the computer and delete it in this case. Thank you for your help.
  8. ESET has been detecting and deleting the same virus from the same location every day for the last few weeks. According to the logs which I have attached, every morning on startup the virus gets deleted which means that it is being reinstalled every 24 hours. I have run a bootable bitdefender disk a few days ago but it did not succeed in killing this particular virus. Any responses are appreciated Thanks, Dan
  9. I use veracrypt to decrypt my truecrypt drives. Yesterday, I ran veracrypt, and the dialog/box that came up was fully (99%) in some arabic scrollwork...NOT English so, I thought, after closing and reopening with same results, maybe I could 'remove' or 'uninstall' the program, then re-install? Right? Wrong...the uninstaller was in Arabic Not English either...so I didn't know what buttons to push on the dialog box... finally, I used the uninstall without tracing log feature, (Revo Uninstaller Pro) and it has been uninstalled...I have yet to download and re-install Veracrypt...but if this happened once...won't it happen again?... Q: Wow...this is a powerful way to destroy data in my system...how did this 'hack' or corruption take place with ESET running??? Please explain to me this. Thanks
  10. I got 2 recent HP PCs in Win7 64 bits with NOD32 v8 running with the most restrictive settings, our payement software detected the presence of a version of dridex/dryer not seen by nod32 : how is it possible to get rid of it ?
  11. Hi, I have noticed a blockage trying to visit a multi media installer website the other day. Checking on eset cyber security pro, I found this virus quarantined 3 times. Here is the log content 21/03/14 17:12:50 HTTP filter archive hxxp:// www.connectmult imedia.com.au JS/Agent.NKW trojan connection terminated - quarantined 747john 21/03/14 17:11:51 HTTP filter archive hxxp:// www.connectmultimedia.c om.au JS/Agent.NKW trojan connection terminated - quarantined 747john 21/03/14 17:11:16 HTTP filter archive hxxp:// www.connectmultimedia.co.au/hom e-page JS/Agent.NKW trojan connection terminated - quarantined 747john I am doing a smart scan now, if negative, can I suppose it didn't spread into my computers, all Mac Mavericks V.10.9.3, all protected by Eset CP Any information about this threat would be welcome, thanks, John
  12. Last Night I was infected by Poweliks while using ESET Smart Security 8. Due to being infected by Poweliks in November while using a different av, I recognized the infection right away. The "ESET Poweliks Cleaner" tool DOES appear to remove the infection. Is your real-time av simply not able to deal/detect registry based infections? Should I upload the Poweliks Cleaner log somewhere? I am unsure what information is passed on to ESET when I use the removal tool. The only reason I was able to deal with this infection in a timely manner was because of my previous experience/knowledge. Below is a detailed description of the event. Using a fully up to date Internet Explorer (with up to date Flash), I visited 4 websites and made no download attempts. The 4 sites were Google, Youtube, a page on forums.civfanatics.com, and a page on strategywiki.org. After visiting the last website, within 2 seconds the Smart Security firewall alerted me of dllhost.exe trying to be outbound traffic. Please note that i'm using Interactive Mode for the firewall. After choosing to deny outbound access, the firewall alerted me that Windows Powershell wanted outbound access as well. A look in Windows Task Manager did indeed show a single dllhost.exe process that had no legitimate reason to be running at the time. The Image Path and Command Lines were blank and right clicking properties would do nothing. I Immediately went to google then to ESET's Poweliks Cleaner and downloaded successfully. My Internet security settings were not changed to stop downloads. I am unsure when this action occurs with Poweliks. Perhaps after communication with the server? (which I think I blocked). The ESET Poweliks Cleaner found and removed the Poweliks infection. Two restarts later and Poweliks Appears to still be gone.
  13. Hi I have an ads by notification that has attacked all my browsers google fox and IE. it constantly has those flashing ads and it says ads by notification. You can close them but then it starts loading another one a few seconds later. I have Eset and it constantly sets this off too Have scanned and cleaned but it hides somewhere in the system and its back again. Can anyone help have tried a few removal tools but nothing seems to work. much appreciated.
  • Create New...