Dump Kids 0 Posted August 8, 2018 Share Posted August 8, 2018 hello, can anyone help me? on one of my windows server, I get Win32 / Krypitik virus and always display notifications from eset like this I might include a log from the PC : log collector : https://www.dropbox.com/s/ctbzduwtt10qkgj/efsw_logs.zip?dl=0 Process Monitor : https://www.dropbox.com/s/1avpmd885jsplgt/Logfile.PML?dl=0 Report from ERA : https://www.dropbox.com/s/wjnsceyit4u8m50/Detailed quarantined objects Server ESET.pdf?dl=0 Thanks before, Kings Regards Link to comment Share on other sites More sharing options...
Administrators Marcos 5,290 Posted August 8, 2018 Administrators Share Posted August 8, 2018 Is the malware being detected after a system restart? Even if you disconnect the computer from network? The Process Monitor log you've created is not from a boot. Please generate a boot log as per the instructions at https://support.eset.com/kb6308 , section Gather boot log files. Link to comment Share on other sites More sharing options...
Dump Kids 0 Posted August 8, 2018 Author Share Posted August 8, 2018 1 hour ago, Marcos said: The Process Monitor log you've created is not from a boot. Please generate a boot log as per the instructions at https://support.eset.com/kb6308 , section Gather boot log files. Hi Marcos, This Proces monitor from a boot : https://www.dropbox.com/s/qcvb3nhwyssvbwf/1 1 - Logfile.PML?dl=0 1 hour ago, Marcos said: Is the malware being detected after a system restart? Even if you disconnect the computer from network? malware can still detect it again and he kills the explorer.exe process when eset issues a notification. I don't have try to disable the network, and some PCs on the network are also infected with the trojan. Link to comment Share on other sites More sharing options...
Dump Kids 0 Posted August 13, 2018 Author Share Posted August 13, 2018 Hellow, My problem has been resolved, by updating my windows. Thanks before Link to comment Share on other sites More sharing options...
Recommended Posts