Jump to content
tretecou

Eset keeps blocking a malicious ip adress, NEED HELP

Recommended Posts

Hello every1, I have the latest Eset Nod 32 v12 Antivirus and i would like to ask a question.

When I am using my PC it often brings up a window of an ip blockage and i would like to know where the connection comes from and how to remove it.

It looks like this : 
hxxp://www.bdtpsljlbm0v9rwu.peer-dns.host /bdtPSlJLbM0v9RWU.exe; Blocked by intern blacklist; C:\Windows\Temp\ec444860876fe25bd993a70009686b36\Windows Driver System Updater.exe; NT AUTHORITY\SYSTEM; 85.25.248.222; BB18441778B4127C660C7298692E5DA399D6D286

I really need to remove that malware but im not an expert in virus removing, i did a FULL check of my system and it keeps on doing it, any help?

Thanks.

( Sorry for the foreign language, but im slovak ;) )

Included a picture.

lol.png

Edited by tretecou
Polishing the text

Share this post


Link to post
Share on other sites

Please check if you have Advanced driver installer or something along that line installed. It appears to be PUA. Consider uninstalling it and also check your settings if you have opted for detection of potentially unwanted applications during installation.

Share this post


Link to post
Share on other sites

Thank you very much m8, im going to check it right now. 

After checking most of the pc i only found this in registries under HKEY_USERS : Software/Caphyon/AdvancedUpdater/{80070F05-6752-45AE-A71D-C9D930C36D81}/Settings

I dont really know if it is malicious but im still going to delete it bcuz i dont need any of that :)

And yes everything is opted in the settings.

Edited by tretecou

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×