Jump to content

Archived

This topic is now archived and is closed to further replies.

Alejandro Hernandez

Problema con con virus Powershell/Agent.DG Troyano

Recommended Posts

Buen Día Tengo un problema ya que recientemente mis pc se saturaron por un proceso del powershell ESET lo marca como desfinfectado por Eliminacion pero lo sigue detectando dia con dia, agregue un aregla tanto en el firewall como en el HIPS para evitar que se ejecutara script extraños en el powershell pero mis pc siguen detectando la amenaza, me podrian comentar cual seria el procedimiento para la limpieza y eliminacion del mismo, anexo el ELC

ees_logs.zip

Machine translation:
Good day I have a problem since recently my PCs were saturated by an ESET powershell process that marks it as defunct by Elimination but it keeps detecting it day by day, add a firewall in both the firewall and the HIPS to avoid running strange script in the powershell but my PC continues to detect the threat, could you comment on what would be the procedure for cleaning and eliminating it, annex the ELC

Share this post


Link to post
Share on other sites

First of all, we kindly ask you to write in English since this is an English forum and most moderators and users speak primarily English.

Please remove C:\ProgramData\Microsoft\Windows\*.* from the exclusion list. Also I'd suggest upgrading to EFSW 6.5.

Is the threat detected even if the server is disconnected from the network and the server has been rebooted?

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×