Kgold 0 Posted June 17, 2021 Share Posted June 17, 2021 Dear, Recently, I got the pop up from Eset - I am using Smart Security Premium version. It shows one unwanted application (win64/Coinminer.QG). the file is from C:\intel\update\update.exe I click CLEAN button and try to delete the folder [Intel], it will show up again after I restart my computer. I would like to have a solution for this problem. I am afraid my computer has virus. Thank you all Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted June 17, 2021 Administrators Share Posted June 17, 2021 Please provide logs collected with ESET Log Collector for a start. Link to comment Share on other sites More sharing options...
Kgold 0 Posted June 17, 2021 Author Share Posted June 17, 2021 (edited) Hello Marcos, I uploaded the logs collected file. Please check and thanks for your reply. Edited June 17, 2021 by Kgold re-upload again Link to comment Share on other sites More sharing options...
Kgold 0 Posted June 17, 2021 Author Share Posted June 17, 2021 sorry for up another post. I uploaded again the file with all data as I follow the tutorial in eset web. 688160463_essp_logs-all.zip Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,243 Posted June 17, 2021 Administrators Solution Share Posted June 17, 2021 As you can see also in the screen shot above, the PUA is re-created by the application C:\Program Files\Portable Devices\manager.exe. What is the purpose of the app? Can you temporarily uninstall it? Link to comment Share on other sites More sharing options...
Kgold 0 Posted June 17, 2021 Author Share Posted June 17, 2021 I don't know what is the purpose of this app. When I open Uninstall, I can not see the name of this app. I also tried to delete the folder and restart my computer. No pop up again. But is it okay now ? do I need to scan or do something to make sure my computer has no virus now ? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,243 Posted June 17, 2021 Administrators Share Posted June 17, 2021 1 hour ago, Kgold said: No pop up again. But is it okay now ? The machine should be clean then. Link to comment Share on other sites More sharing options...
Kgold 0 Posted June 17, 2021 Author Share Posted June 17, 2021 Oh so thank you so much for your support. I am appreaciated Link to comment Share on other sites More sharing options...
itman 1,743 Posted June 17, 2021 Share Posted June 17, 2021 As far as manager.exe goes, as long as it's located in this directory, C:\Program Files\Portable Devices\, it should be legit; ref.: https://www.file.net/process/manager.exe.html . Further evidenced by the fact the file is Microsoft signed. Link to comment Share on other sites More sharing options...
Recommended Posts