syr0x 0 Posted March 14, 2019 Share Posted March 14, 2019 Hello After i was traveling i came back to see a message that i need to restart my computer after cleaning. but the message wont go away What should i do Windows 7 Ultimate Link to comment Share on other sites More sharing options...
itman 1,754 Posted March 14, 2019 Share Posted March 14, 2019 You need to post in English what is shown in the Eset alert. This forum is for English language speakers. Link to comment Share on other sites More sharing options...
syr0x 0 Posted March 14, 2019 Author Share Posted March 14, 2019 6 minutes ago, itman said: You need to post in English what is shown in the Eset alert. This forum is for English language speakers. I have the antivirus in Hebrew but that says what i just descirbed. Link to comment Share on other sites More sharing options...
itman 1,754 Posted March 14, 2019 Share Posted March 14, 2019 Again, most of us don't know Hebrew. So you will need to post; i.e. type in your reply, what the alert states in English. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted March 14, 2019 Administrators Share Posted March 14, 2019 Also please post the appropriate record from the Detection log. Again, make sure it's in English so that we don't have to translate it ourselves. Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 206 Posted March 14, 2019 Most Valued Members Share Posted March 14, 2019 1 hour ago, itman said: Again, most of us don't know Hebrew. So you will need to post; i.e. type in your reply, what the alert states in English. Exactly : A restart is needed in order to complete the cleaning process , Do you want to restart now? - That's the translation. Link to comment Share on other sites More sharing options...
syr0x 0 Posted March 14, 2019 Author Share Posted March 14, 2019 4 minutes ago, Rami said: Exactly : A restart is needed in order to complete the cleaning process , Do you want to restart now? - That's the translation. Ok, First of all im sorry .I don't know how to change the language And that's exactly what it means and this still poping up even after the restarts Link to comment Share on other sites More sharing options...
itman 1,754 Posted March 14, 2019 Share Posted March 14, 2019 (edited) As @Marcos previously requested, you need to access Eset's Detection log and find the recent entry associated with this malware detection. You then need to post what is shown there in English. To accomplish this, right click on the log entry and select "Copy." Open your browser and enter this URL: https://translate.google.com/ . Make sure English is selected in the "Translation" section. Paste what you previous copied into the "Detect Language" section. After the translation section is complete, copy what is shown there in English to your forum posting. Edited March 14, 2019 by itman Link to comment Share on other sites More sharing options...
syr0x 0 Posted March 14, 2019 Author Share Posted March 14, 2019 (edited) 1 hour ago, itman said: As @Marcos previously requested, you need to access Eset's Detection log and find the recent entry associated with this malware detection. You then need to post what is shown there in English. To accomplish this, right click on the log entry and select "Copy." Open your browser and enter this URL: https://translate.google.com/ . Make sure English is selected in the "Translation" section. Paste what you previous copied into the "Detect Language" section. After the translation section is complete, copy what is shown there in English to your forum posting. 13.txt Edited March 14, 2019 by syr0x Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted March 14, 2019 Administrators Share Posted March 14, 2019 Please gather logs with ESET Log Collector and provide the generated archive. Link to comment Share on other sites More sharing options...
itman 1,754 Posted March 14, 2019 Share Posted March 14, 2019 Since the infection is related to Flashplayer, make sure your OS is fully patched in regards to Win 10 if you are running that version. If you are using Win 7, make sure the stand alone ver. of Flashplayer has had all its outstanding updates applied. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted March 14, 2019 Administrators Share Posted March 14, 2019 It may not be a legit Flashplayer but malware disguised under that name Link to comment Share on other sites More sharing options...
itman 1,754 Posted March 14, 2019 Share Posted March 14, 2019 (edited) 51 minutes ago, Marcos said: It may not be a legit Flashplayer but malware disguised under that name Ah, yes. I didn't expand the screen shot enough; Adobe Flash Player.exe? I believe the legit version is Flash Player.exe. Does not an AMS based log entyry show the executable path information? Edited March 14, 2019 by itman Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted March 14, 2019 Administrators Share Posted March 14, 2019 32 minutes ago, itman said: Does not an AMS based log entyry show the executable path information? I don't recall ever seeing a full path to the file if malware was detected in a running process. There is PID displayed / logged so if the process is still running the full path can be determined. Logging is subject to overhaul so that will be a good opportunity to add it in a separate column. Link to comment Share on other sites More sharing options...
itman 1,754 Posted March 14, 2019 Share Posted March 14, 2019 Appears MSIL/Bladabindi starts up at boot time via registry run key or one of startup directories. Link to comment Share on other sites More sharing options...
Recommended Posts