Jump to content

Win32/Elevate.A İt is a virus?


Go to solution Solved by itman,

Recommended Posts

When I did a full scan with eset, it found the same and cleaned it, but when I did a comprehensive scan again, it found the same software as detection, this is my virus and there is clean or delete in the actions option. And is this a virus?

IMG20210224145100.jpg

IMG20210224145127.jpg

Link to comment
Share on other sites

  • Administrators

It's a potentially unsafe application, ie. legitimate tool that could be misused in the wrong hands. It's not detected by default.

Link to comment
Share on other sites

3 minutes ago, Marcos said:

It's a potentially unsafe application, ie. legitimate tool that could be misused in the wrong hands. It's not detected by default.

2 weeks ago I deleted the trojan on the computer and now it detected as detection. There are 2 options at the end of the scan. Should I delete it or not?

Link to comment
Share on other sites

  • Solution

Appears one of your apps, Solidworks cam editor, or something similar is using elevate.exe described here: https://www.processchecker.com/file/Elevate.exe.html  to perform hidden process privilege elevation. Also appear elevate.exe is the equal to the Windows runas command. If you delete elevate.exe in its associated directory, whatever Solidworks app you're using might no longer work properly.

It's your decision here how to proceed. Delete elevate.exe or create an Eset PUA exclusion for it. 

Edited by itman
Link to comment
Share on other sites

6 minutes ago, itman said:

Appears one of your apps, Solidworks cam editor, or something similar is using elevate.exe described here: https://www.processchecker.com/file/Elevate.exe.html  to perform hidden process privilege elevation. Also appear elevate.exe is the equal to the Windows runas command. If you delete elevate.exe in its associated directory, whatever Solidworks app you're using might no longer work properly.

It's your decision here how to proceed. Delete elevate.exe or create an Eset PUA exclusion for it. 

Well, it was first seen in 2018 at the bottom. Has it been on the computer since 2018 or is it related to the trojan?

Link to comment
Share on other sites

1 minute ago, Duhan Orhan said:

Well, it was first seen in 2018 at the bottom.

That's the date associated with first analysis of elevate.exe I assume.

2 minutes ago, Duhan Orhan said:

is it related to the trojan?

Yes.

Again, Eset is detecting this a PUA. In other words, it could be abused for malicious purposes. Not that it is actually being used maliciously.

Link to comment
Share on other sites

4 minutes ago, itman said:

That's the date associated with first analysis of elevate.exe I assume.

Yes.

Again, Eset is detecting this a PUA. In other words, it could be abused for malicious purposes. Not that it is actually being used maliciously.

Thank you very much, I will do a full scan again and if it finds it, I will delete it with eset. This virus was infected 20 days ago. When I deleted it, something new comes out. I want to be completely sure. I hope eset will not disappoint me.

Link to comment
Share on other sites

Here's how I would recommend an Eset PUA detection be evaluated.

If the PUA detection source is from a download or installed software, first assess the source. If it was from a trusted publisher's associated web site, it is probably safe to exclude the detection. If the source is a cracked software download or from an untrusted download source, I would delete the download and/or uninstall the cracked software.

The easiest way to get malware currently is to use cracked software.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...