Posted (edited)

Have a nice day!

Every day this alert comes up.

I have run the full check several times in the last month, but it comes up again.

 

Edited by Marcos
Links removed
  • Administrators
Posted

Please do not publicly disclose links to logs but drop me a personal message instead. I was unable to download the files without the need to request access.

Posted
22 hours ago, Marcos said:

Please do not publicly disclose links to logs but drop me a personal message instead. I was unable to download the files without the need to request access.

Annoying, but Kaspersky (KVRT) solved my problem too. I still use ESET, but it was only a temporary solution.

ITman, Thanks for the link!

I am sad to see that the incident was almost 2 years ago. Since then ESET has failed to provide a solution to such a problem?

 

Marcos, I look forward to hearing if you have other solutions or comments!

Thanks ;)

feladatutemezo.jpg

eset_axl_trojan_cmd.jpg

essp_logs.zip

  • Administrators
Posted
1 hour ago, angeldust said:

I am sad to see that the incident was almost 2 years ago. Since then ESET has failed to provide a solution to such a problem?

The fact that there was a problem cleaning a specific PowerShell malware in the past does not mean that this is the very same case. Unfortunately the ELC logs were not collected with "All" or "Threat detection" template selected in the ELC menu so we cannot figure out the location of the malware. As you wrote, you have already removed the malware so any further logs will not help us. We would need especially the registry dump from an infected system.

Posted (edited)
3 hours ago, Marcos said:

The fact that there was a problem cleaning a specific PowerShell malware in the past does not mean that this is the same case. Unfortunately the ESET Log Collector logs were not collected with the "All" or "Threat detection" template selected in the ESET Log Collector menu, so we cannot figure out the location of the malware. As you wrote, you have already removed the malware, so further logs will not help us. We would especially need the registry dump from an infected system.

The logs are from yesterday.

The state before removal.

Edited by angeldust
  • Administrators
Posted

As I wrote, the logs were not collected with "All" or "Threat detection" template selected in the ELC menu and therefore a registry dump was missing. Since you have removed the malware, new logs would not help.

This topic is now closed to further replies.