Jump to content

Archived

This topic is now archived and is closed to further replies.

Erwin - IT support groep

Virus keep coming back?

Recommended Posts

Since april ESET is giving a warning that the endpoint has found a Trojan and delete it by cleaning. Trojan is deleted (atleast that is what the system is saying), the next day the Trojan is back and get deleted again. I scanned the endpoint with a full pc scan and nothing has been found, but still every day the Trojan is back. 

 

How can it be that ESET doesn't find anything on full scan, but everyday keep saying that ESET deleted a Trojan. 

Trojan: Win32/Exploit.CVE-2017-11882.B

Share this post


Link to post
Share on other sites

What version of MS do you use? Do you have all critical updates for MS Office installed?

Please drop me a message with logs gathered by ESET Log Collector attached.

Share this post


Link to post
Share on other sites

Office 365 and system and office are up to date.

At the moment I cannot connect to the device. The device is at our customer. 

 

Is there a way to get the logs without connection to they devices?

 

i am kinda new to ESET.

 

Share this post


Link to post
Share on other sites
6 hours ago, Erwin - IT support groep said:

Trojan is deleted (atleast that is what the system is saying), the next day the Trojan is back and get deleted again

This usually indicates the malware has established persistence on the device. It reloads itself at system startup time. You might want to read my comments about like detection methods for this here: https://forum.eset.com/topic/15595-coin-miner/

Share this post


Link to post
Share on other sites
35 minutes ago, itman said:

This usually indicates the malware has established persistence on the device. It reloads itself at system startup time. You might want to read my comments about like detection methods for this here: https://forum.eset.com/topic/15595-coin-miner/

Thanks I will look into this.

Share this post


Link to post
Share on other sites
On 5/31/2018 at 12:06 PM, Erwin - IT support groep said:

Is there a way to get the logs without connection to they devices?

No, it's not possible since the tool gathers logs from the system as well as ESET's logs, configuration, etc.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×