Marcos
-
Posts
36,487 -
Joined
-
Last visited
-
Days Won
1,452
Posts posted by Marcos
-
-
Most likely it was a false positive. However, the detection is 4 years old so it's weird that it has been detected on your device recently.
-
Is the app detected if you uninstall it and install it from scratch? If so, does uninstalling and reinstalling ESET Mobile Security make a difference?
-
47 minutes ago, Joergen Rune Mortensen said:
Actually, I have already tried it from another folder (c:\temp), but it does not seem to make any difference. It was also by moving and editing the installation files I was able to point at the exact failing location in the VB-script.
Please provide a Procmon log from an attempt to run a modified installer that uses a different folder than "temp". Are you able to run other vbs scripts from there?
-
-
5 minutes ago, Jaca said:
Can you check Malyogrod.pl website threat JS/Agent.RAW virus has been detected please check
I was unable to reproduce the detection while browsing the website. Most likely the malware has been removed in the mean time.
-
Since this is an English forum, we kindly ask you to post in English.
Please provide the IP address that was blocked.
-
Most likely you're blocking execution of vbs scripts from the temp folder (C:\Users\%USER%\AppData\Local\Temp).
You can edit PROTECTAgentInstaller.bat and point %installDirectory% to other than the temp folder.
-
Please contact your local ESET distributor with this request. To my best knowledge, there are no trial versions or licenses for ESET Security Ultimate. However, the 30-day return policy applies so if you are not satisfied with the product, you can return it and ask for a refund within 30 days.
-
It's possible to get a business trial license via https://www.eset.com. There is a button "Try before you buy". However, we do not sell our products in Russia unfortunately.
-
An AI chatbot inadvertently kindles a cybercrime boom, ransomware bandits plunder organizations without deploying ransomware, and a new botnet enslaves Android TV boxes
-
-
Endpoint 5 reached EOL in December 2020: https://support-eol.eset.com/en/policy_business/product_tables.html.
For EOL products module updates are not guaranteed and were terminated without prior notice: https://support-eol.eset.com/en/policy_business/support_levels.html.
Moreover, Endpoint v5 was missing many of modern technologies to detect and block today's malware and other threats and attacks.
-
This is not a sort of a quick question that this Quick questions forum is intended for.
Answering this question may require raising a support ticket so we kindly ask you to do so.
-
The website is indeed infected:
-
-
Selecting Help and support -> Technical support will eventually take you to your local distributor's website like https://www.eset.com/int/support/contact/ where you need to go through the wizard that will provide you with an option to contact technical support after a few steps.
-
1 minute ago, Stratosphere2008 said:
I've already sent it using the link inside the app
Ok, then a support ticket was created if you received a confirmation email with a ticket ID and technical support should contact you soon.
-
Please refer to https://help.eset.com/protect_cloud/en-US/component_installation_rd_sensor_windows.html:
If there are multiple network segments, Rogue Detection Sensor must be installed separately on each network segment to produce a comprehensive list of all devices on the whole network.
-
6 minutes ago, peters said:
But it is interesting the virustotal marked this URL as Clean, include ESET engine!
That's because you have checked the website against url blacklists. The website is not blacklisted but it's a JS malware which is detected there:
-
8 minutes ago, kandrea said:
Same here, on uphotelbudapest.com. We try to find and delete the infected files, and now ESET doesn't block website but sucuri still write this:
Warning: Malware Detected
Infected with malware. Immediate action is required
The website is indeed infected and needs to be cleaned:
-
Service run-time failed with: Cannot load library: C:\Program Files\ESET\RemoteAdministrator\Agent\DALNativeSQLite.dll
Does the above dll exist? If so, does it have a valid digital signature? Did you try reinstalling the management agent?
-
The website still contains a malicious JS which is detected by ESET:
-
ESET provided technical analysis, statistical information, known C&C servers and was able to get a glimpse of the victimology
-
RDP is allowed only in trusted zones by default for security reasons. Please make sure that the IP address initiating an RDP connection is trusted (e.g. Setup -> Network -> Network connections).
Website detected - JS/Agent.RAW
in Malware Finding and Cleaning
Posted
The website is still blacklisted by the said vendor despite the malware being already removed. At least we detected the malware there before but now it's not detected any more.