Jump to content

Recommended Posts

Hello

After i was traveling i came back to see a message that i need to restart my computer after cleaning.

but the message wont go away 

What should i do

Windows 7 Ultimate

 

Screenshot_3.png

Share this post


Link to post
Share on other sites

You need to post in English what is shown in the Eset alert. This forum is for English language speakers.

Share this post


Link to post
Share on other sites
6 minutes ago, itman said:

You need to post in English what is shown in the Eset alert. This forum is for English language speakers.

I have the antivirus in Hebrew but that says what i just descirbed.

Share this post


Link to post
Share on other sites

Again, most of us don't know Hebrew. So you will need to post; i.e. type in your reply, what the alert states in English.

Share this post


Link to post
Share on other sites

Also please post the appropriate record from the Detection log. Again, make sure it's in English so that we don't have to translate it ourselves.

Share this post


Link to post
Share on other sites
1 hour ago, itman said:

Again, most of us don't know Hebrew. So you will need to post; i.e. type in your reply, what the alert states in English.

Exactly : A restart is needed in order to complete the cleaning process , Do you want to restart now? - That's the translation.

Share this post


Link to post
Share on other sites
4 minutes ago, Rami said:

Exactly : A restart is needed in order to complete the cleaning process , Do you want to restart now? - That's the translation.

Ok,

First of all im sorry .I don't know how to change the language 

And that's exactly what it means and this still poping up even after the restarts 

Share this post


Link to post
Share on other sites
Posted (edited)

As @Marcos previously requested, you need to access Eset's Detection log and find the recent entry associated with this malware detection. You then need to post what is shown there in English.

To accomplish this, right click on the log entry and select "Copy." Open your browser and enter this URL: https://translate.google.com/ . Make sure English is selected in the "Translation" section. Paste what you previous copied into the "Detect Language" section.  After the translation section is complete, copy what is shown there in English to your forum posting.

Edited by itman

Share this post


Link to post
Share on other sites
Posted (edited)
1 hour ago, itman said:

As @Marcos previously requested, you need to access Eset's Detection log and find the recent entry associated with this malware detection. You then need to post what is shown there in English.

To accomplish this, right click on the log entry and select "Copy." Open your browser and enter this URL: https://translate.google.com/ . Make sure English is selected in the "Translation" section. Paste what you previous copied into the "Detect Language" section.  After the translation section is complete, copy what is shown there in English to your forum posting.

 

13.txt

Screenshot_1.png

Edited by syr0x

Share this post


Link to post
Share on other sites

Please gather logs with ESET Log Collector and provide the generated archive.

Share this post


Link to post
Share on other sites

Since the infection is related to Flashplayer, make sure your OS is fully patched in regards to Win 10 if you are running that version. If you are using Win 7, make sure the stand alone ver. of Flashplayer has had all its outstanding updates applied.

Share this post


Link to post
Share on other sites

It may not be a legit Flashplayer but malware disguised under that name :)

Share this post


Link to post
Share on other sites
Posted (edited)
51 minutes ago, Marcos said:

It may not be a legit Flashplayer but malware disguised under that name :)

Ah, yes. I didn't expand the screen shot enough; Adobe Flash Player.exe? I believe the legit version is Flash Player.exe.

Does not an AMS based log entyry show the executable path information?

Edited by itman

Share this post


Link to post
Share on other sites
32 minutes ago, itman said:

Does not an AMS based log entyry show the executable path information?

I don't recall ever seeing a full path to the file if malware was detected in a running process. There is PID displayed / logged so if the process is still running the full path can be determined. Logging is subject to overhaul so that will be a good opportunity to add it in a separate column.

Share this post


Link to post
Share on other sites

Appears MSIL/Bladabindi starts up at boot time via registry run key or one of startup directories.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...