tretecou 0 Posted January 13, 2019 Share Posted January 13, 2019 (edited) Hello every1, I have the latest Eset Nod 32 v12 Antivirus and i would like to ask a question. When I am using my PC it often brings up a window of an ip blockage and i would like to know where the connection comes from and how to remove it. It looks like this : hxxp://www.bdtpsljlbm0v9rwu.peer-dns.host /bdtPSlJLbM0v9RWU.exe; Blocked by intern blacklist; C:\Windows\Temp\ec444860876fe25bd993a70009686b36\Windows Driver System Updater.exe; NT AUTHORITY\SYSTEM; 85.25.248.222; BB18441778B4127C660C7298692E5DA399D6D286 I really need to remove that malware but im not an expert in virus removing, i did a FULL check of my system and it keeps on doing it, any help? Thanks. ( Sorry for the foreign language, but im slovak ) Included a picture. Edited January 13, 2019 by tretecou Polishing the text Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted January 13, 2019 Administrators Share Posted January 13, 2019 Please check if you have Advanced driver installer or something along that line installed. It appears to be PUA. Consider uninstalling it and also check your settings if you have opted for detection of potentially unwanted applications during installation. Link to comment Share on other sites More sharing options...
tretecou 0 Posted January 13, 2019 Author Share Posted January 13, 2019 (edited) Thank you very much m8, im going to check it right now. After checking most of the pc i only found this in registries under HKEY_USERS : Software/Caphyon/AdvancedUpdater/{80070F05-6752-45AE-A71D-C9D930C36D81}/Settings I dont really know if it is malicious but im still going to delete it bcuz i dont need any of that And yes everything is opted in the settings. Edited January 13, 2019 by tretecou Link to comment Share on other sites More sharing options...
Recommended Posts