H3xX0r 0 Posted April 17, 2018 Share Posted April 17, 2018 Hi, Im administrator of my company ESET Remote Administrator. Today when I reviewed the ESET log which send from my client, I find out that one of my client has infected by Win32/Agent.TXV, serverity is Critical but ESET can not clean it. What can I do to clean this trojan? Further information you can find in this raw log: {"hostname":"","@timestamp":"2018-04-16T23:06:12.000Z","syslogtag":"ERAServer[2132]","@version":"1","id":"10","system.auth.timestamp":"Apr 17 06:06:12","message":"{\"event_type\":\"Threat_Event\",\"ipv4\":\"\",\"hostname\":\"\",\"source_uuid\":\"\",\"occured\":\"16-Apr-2018 23:05:46\",\"severity\":\"Critical\",\"threat_type\":\"trojan\",\"threat_name\":\"Win32/Agent.TXV\",\"scanner_id\":\"Startup scanner\",\"scan_id\":\"virlog.dat\",\"engine_version\":\"17233 (20180416)\",\"object_type\":\"boot sector\",\"object_uri\":\"file:///1\",\"action_error\":\"unable to clean\",\"threat_handled\":false,\"need_restart\":false}\n","type":"eset","tags":[]} Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted April 17, 2018 Administrators Share Posted April 17, 2018 Please collect logs with ELC on that machine and provide me with the generated archive for perusal. Link to comment Share on other sites More sharing options...
Recommended Posts