Jump to content

Eset keeps blocking a malicious ip adress, NEED HELP


tretecou
 Share

Recommended Posts

Hello every1, I have the latest Eset Nod 32 v12 Antivirus and i would like to ask a question.

When I am using my PC it often brings up a window of an ip blockage and i would like to know where the connection comes from and how to remove it.

It looks like this : 
hxxp://www.bdtpsljlbm0v9rwu.peer-dns.host /bdtPSlJLbM0v9RWU.exe; Blocked by intern blacklist; C:\Windows\Temp\ec444860876fe25bd993a70009686b36\Windows Driver System Updater.exe; NT AUTHORITY\SYSTEM; 85.25.248.222; BB18441778B4127C660C7298692E5DA399D6D286

I really need to remove that malware but im not an expert in virus removing, i did a FULL check of my system and it keeps on doing it, any help?

Thanks.

( Sorry for the foreign language, but im slovak ;) )

Included a picture.

lol.png

Edited by tretecou
Polishing the text
Link to comment
Share on other sites

  • Administrators

Please check if you have Advanced driver installer or something along that line installed. It appears to be PUA. Consider uninstalling it and also check your settings if you have opted for detection of potentially unwanted applications during installation.

Link to comment
Share on other sites

Thank you very much m8, im going to check it right now. 

After checking most of the pc i only found this in registries under HKEY_USERS : Software/Caphyon/AdvancedUpdater/{80070F05-6752-45AE-A71D-C9D930C36D81}/Settings

I dont really know if it is malicious but im still going to delete it bcuz i dont need any of that :)

And yes everything is opted in the settings.

Edited by tretecou
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...