Posts posted by jtown82
-
-
We do have some machines still getting the alerts, but I am assuming that is because we have a few machines that have not been upgraded yet and are still using ESET V5 endpoint protection. Or should the fix cover those as well?
-
Marcos, do you know if a hotfix or something is being worked on?
-
All of a sudden our ERA is spamming alerts for addthis_widget.js and flagging it as JS/TrojanDownloader.Pegel.BH. Literally 20-30 different computers at the same time. Not sure if this is legit or if another bad push of definitions went out and it's false positives. Anyone else all of a sudden getting these alerts?
AppData/Local/Microsoft/Windows/INetCache/Low/IE/EZ3ZKCGG/addthis_widget[1].js
er/AppData/Local/Microsoft/Windows/Temporary Internet Files/Low/Content.IE5/W5TI9TST/addthis_widget[3].js
-
The issue is the malware is not actually malware, from what I have been reading and seeing; like Chrome being launched to auto go to the extensions page is nothing nefarious. That string after chrome.exe should not be flagged. ESET recommending other products... lol. ESET presents itself as the total solution for protection. It is almost embarrassing if they truly are saying use another product.
-
I also have a user with a Chrome Apps launcher shortcut using this string: ""C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-app-list", and the second it's clicked on, ESET flags it but doesn't actually stop it from opening up Chrome and such. Still wish ESET would actually push a REAL fix to this.
-
Still getting alerts in our system for the exact same thing. Typical that ESET would try and blame Virus Radar. In the end it's ESET's fault. They are the vendor and need to resolve it regardless of what other 3rd party vendors have a hand in it. Sadly, when you have 1300 machines the above method is not a solution. ESET will be losing a fairly large customer when our contract comes back around if this isn't resolved quickly.
-
We have been getting the same thing. We have around 600 machines; currently about 5-6 have been spamming this. I guess I am blind, as I do not see anything in the alert section in regards to "advanced options" to whitelist this or ignore it, etc. Sadly, ESET has one of the worst GUIs in the history of anything.
-
file:///C:/Users/Benjamin.Beegle/AppData/Local/Google/Chrome/User Data/Default/Extensions/lgfehfbnofiffladdncogfobimealokp/1.300.11.57732_0/components/api/background/widget-api-impl.js
-
-
THREAT NAME: JS/Mindspark.E
THREAT TYPE: potentially unwanted application
SEVERITY: Critical
OCCURRED: 2017 Sep 10 16:13:39
THREAT HANDLED: No
RESTART NEEDED: No
ACTION TAKEN:
ACTION ERROR: unable to clean
OBJECT TYPE: file
OBJECT URI: file:///Startup
CIRCUMSTANCES:
SCANNER: Startup scanner
ENGINE VERSION: 16061 (20170910)
-
-
addthis_widget.js alert spam
in Malware Finding and Cleaning
Posted · Edited by jtown82
Well actually I just got another alert from a more recent updated machine.
Updated with ESET info on that machine.
ESET Remote Administrator Agent 6.3.136.0
ESET Endpoint Antivirus 6.4.2014.0