Jump to content

Recommended Posts

Posted

Apologies, I haven´t been infected for many years. And maybe there is a different procedure for questions like this.

Just today I happened to click on ´tools´, ´more tools´, log files. I see three infections, two on 26/1 and one on 31/3. The first one is a trojan and since i typed an incorrect URl I can imagine Eset detected something. I just don´t recall it. A ´redirecter trojan´, detected by http filter. Action connection terminated

The last one by the real time file system protection.

HTML/ScrInject.B trojan;deleted;;PC name deleted<Event occurred on a new file created by the application: /Palemoon browser/ (deleted)

Again, I don´t recall it andIi just stumbled on this when i happened to browse through the ´more tools´ menu. Should I have seen that report in real time when the infection occurred ?

 

 

  • Administrators
Posted

If egui.exe was running and you were logged in at that time, you should have received a warning. If you would like more info on the detection,  supply me with ELC logs that also include quarantined files (can be selected in the ELC list of artifacts to gather).

Posted
1 hour ago, esset said:

Again, I don´t recall it andIi just stumbled on this when i happened to browse through the ´more tools´ menu. Should I have seen that report in real time when the infection occurred ?

Check date and time shown in the log entries. Were you in the proximity of your PC when the attack occurred? Note that Eset alerts do not remain permanently displayed on the desktop but will disappear after so many seconds.

Posted

@Marcos , @itman

 

Thanks, it seems all right. The 'redirect trojan' seems more than it was, most likely it was at least mostly safe. ' Were you in the proximity of your PC when the attack occurred? Note that Eset alerts do not remain permanently displayed on the desktop but will disappear after so many seconds ' I did not know that. I may very well not have ben looking,

Without nagging, I once got the reply that version 12 would be distributed in October. I just seem to recall that once the US version came first, and I got the local one only in November. I guess it's being beta tested at the moment ...

 

 

Posted (edited)

Hello esset. You might want to take a look at this KB article. It might help. https://help.eset.com/essp/11.1/en-US/idh_config_alert.html

I try to make it a habit to review my log files once in a while to look for anything unusual.

One more thought, you might also want to check your "cleaning levels" (in all scans) to be sure you have them set the way you want to. https://help.eset.com/essp/11.1/en-US/work_avas_realtime_cleaning.html

Edited by TomFace
added cleaning levels link
Posted

hi,

Can u help me .

this web page contains potentially dangerous content

how to solve the html/scrinject.b trojan 

  • Administrators
Posted
58 minutes ago, Akshara said:

Can u help me .
this web page contains potentially dangerous content
how to solve the html/scrinject.b trojan  

First of all, we kindly ask you to not steal someone else's topic but instead create a new one next time. The Malware Finding and Cleaning forum is intended for queries like yours.
To answer your question, the website appears to have been compromised. An administrator should clean it and take measures to prevent further re-infection.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...