Paneliya Mehulkumar, Posted December 27, 2019 (edited)
How to completely remove NSIS/CoinMiner.M detection?
efsw_logs.zip
Edited December 27, 2019 by Paneliya Mehulkumar

Marcos (Administrators), Posted December 27, 2019
The malware is created in shares on drive D: that are shared for everyone with full access, i.e. an infected computer in the network copies malware there, which is subsequently detected by ESET. It's coming from a machine with the user 1E-STORAGE\helium logged in.

Paneliya Mehulkumar (Author), Posted December 28, 2019
What are the steps needed to clean it completely?

Marcos (Administrators), Posted December 28, 2019
1. Identify the machine where the 1E-STORAGE\helium user was logged on.
2. Make sure that ESET is installed on the machine, that it is fully updated and that all important and critical OS updates are installed. Make sure that detection of potentially unsafe and unwanted applications is enabled. Then run a full disk scan to detect and remove possible malware.
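
One way to carry out step 1, as an added example that is not part of the original thread or ESET's own tooling: on the file server that hosts the D: shares, list the network logons (Security event 4624, logon type 3) for the account and group them by source address. It assumes logon success auditing is enabled on that server and that the events are still in the log; the seven-day window and the variable names are assumptions.

```powershell
# Added example. Run in an elevated PowerShell session on the server hosting the shares.
# Assumption: "Audit Logon" success auditing is enabled, so event 4624 is recorded.
$Domain  = '1E-STORAGE'             # domain/machine part of the account named in the thread
$Account = 'helium'                 # user part of the account named in the thread
$Since   = (Get-Date).AddDays(-7)   # assumed look-back window; widen if needed

$filter = @{ LogName = 'Security'; Id = 4624; StartTime = $Since }

# SilentlyContinue only suppresses the "no events found" error for an empty result.
$logons = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    ForEach-Object {
        $evt  = $_
        $data = @{}
        # Flatten the <EventData><Data Name="..."> elements into a lookup table.
        foreach ($node in ([xml]$evt.ToXml()).Event.EventData.Data) {
            $data[$node.Name] = $node.'#text'
        }
        # Logon type 3 = network logon, which is how a remote machine reaches a share.
        if ($data['LogonType'] -eq '3' -and
            $data['TargetUserName'] -ieq $Account -and
            $data['TargetDomainName'] -ieq $Domain) {
            [pscustomobject]@{
                Time        = $evt.TimeCreated
                User        = '{0}\{1}' -f $data['TargetDomainName'], $data['TargetUserName']
                SourceIp    = $data['IpAddress']
                Workstation = $data['WorkstationName']
            }
        }
    }

# One row per source machine, most active first, with the time it was last seen.
$logons |
    Group-Object SourceIp, Workstation |
    Sort-Object Count -Descending |
    Select-Object Count, Name,
        @{ Name = 'LastSeen'; Expression = { ($_.Group | Measure-Object Time -Maximum).Maximum } }
```

The source address or workstation name that lines up with the times of the ESET detections is the machine to check and scan in step 2.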