Jump to content

Archived

This topic is now archived and is closed to further replies.

well01

Java/Agent.HV real virus or not?

Recommended Posts

Good afternoon.

The antivirus detects the following in the maisbot program:
controller / VersionUpdaterClient.class - a variant of Java / Agent.HV Trojan
updater / VersionUpdaterClient.class - a variant of Java / Agent.HV Troyan

Is it a real virus or not? I would like to know if there is a real danger when executing it in order to use the program or not, and it really isn't malware or virus only mistake

should I upload the files here?

Thank you

eset.png

Share this post


Link to post
Share on other sites
On 23/6/2018 at 6:40 PM, Marcos said:

Please submit the whole zip file to ESET as per the instructions at https://support.eset.com/kb141.

I have followed the instructions of the link indicated in this thread but I haven't answer.

On June 23 send an email to samples@eset.com attaching the requested image and file using the subject indicated "Suspected infection" and the requested pass in the body of the email. I had no more response or information about it after that.

On June 28 send an email as follow-up email message as indicated by the instructions of the previous link, the same subject, the date and time of the previous email and the email address used previously. I still have no response or information about it since then.

What do I do now?

Share this post


Link to post
Share on other sites

Although not explicitly stated in the KB article, I believe it's standard Eset procedure not to respond by e-mail unless the sample is indeed malicious and a prior detection method does not exist?

Share this post


Link to post
Share on other sites

Then it means that I can run the file without danger?

Share this post


Link to post
Share on other sites

My take is if the detection was a FP, Eset would have whitelisted it by now. If you unzip the archive again and Eset detects with the same sig., the file is indeed malicious.

If the file is still in quarantine, do not remove it and try to run it.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×