Alejandro Hernandez 0 Posted April 16, 2018 Share Posted April 16, 2018 (edited) Buen Día Tengo un problema ya que recientemente mis pc se saturaron por un proceso del powershell ESET lo marca como desfinfectado por Eliminacion pero lo sigue detectando dia con dia, agregue un aregla tanto en el firewall como en el HIPS para evitar que se ejecutara script extraños en el powershell pero mis pc siguen detectando la amenaza, me podrian comentar cual seria el procedimiento para la limpieza y eliminacion del mismo, anexo el ELC ees_logs.zip Machine translation: Good day I have a problem since recently my PCs were saturated by an ESET powershell process that marks it as defunct by Elimination but it keeps detecting it day by day, add a firewall in both the firewall and the HIPS to avoid running strange script in the powershell but my PC continues to detect the threat, could you comment on what would be the procedure for cleaning and eliminating it, annex the ELC Edited April 17, 2018 by Marcos Machine translation added Link to comment Share on other sites More sharing options...
Administrators Marcos 5,406 Posted April 17, 2018 Administrators Share Posted April 17, 2018 First of all, we kindly ask you to write in English since this is an English forum and most moderators and users speak primarily English. Please remove C:\ProgramData\Microsoft\Windows\*.* from the exclusion list. Also I'd suggest upgrading to EFSW 6.5. Is the threat detected even if the server is disconnected from the network and the server has been rebooted? Link to comment Share on other sites More sharing options...
Recommended Posts