Jump to content

PowerShell/TrojanDownloader.Agent.CRU


Recommended Posts

Good Morning,

In my company we had a Trojan (PowerShell/TrojanDownloader.Agent.CRU) infection long time ago in several of our servers, it was all cleaned and everything is working but the Trojan keeps trying to launch in the servers. ESET finds it and delete it but it keeps coming back and we are unable to find it and get rid of it for good. I have read similar infections in this forums but the answer is deleting some registry keys with no more explanations so I can't find a proper solution for my issue.

Could someone please help?

I'm attaching 2 logs from 2 of our servers

Thank you very much

ESET.zip

Link to comment
Share on other sites

  • Administrators

Please run ELC and select "Threat detection" template prior to collecting files. The generated zip archive will be probably too big to be uploaded here so please upload it to a safe location and drop me a personal message with a download link.

Link to comment
Share on other sites

  • Administrators

Again, "Threat detection" profile was not selected in ELC. For instance, the registry export is missing among others. I'd expect the generated archive to be more than 100 MB in size.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...