Jump to content


Recommended Posts

Hi ESET Team,

One of our client servers has infected by malware Win32/Exploit.Agent.NZK. ESET able to detect and clean the malware but the malware keep attacking the servers.

Please find bellow link to download the log from ESET Log Collector and output file from wmic process list



Any suggestion on how to stop this malware ?

Link to comment
Share on other sites

  • Administrators

Please move the following files to a new folder, then reboot the machine. Those are two tasks that trigger powershell to download a resource from blocked URLs:


Please submit the two files to samples[at]eset.com in an archive encrypted with the password "infected".

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...