Jump to content

how to identify a web virus if only eset is triggered ?


Rémi
 Share

Recommended Posts

Hi,

one of my customers suddenly had an eset warning when trying to browse her own wordpress-powered website.

If I test the website on virustotal, there is no detection. But I inspected the source for the home page, and found a series of suspicious urls to a remote js file:

workdevapp.com/1deb3dd710d8d90c20.js

This url do trigger eset on virustotal. But only eset, all other antivirus are green...

How do I know if it's really a virus ?

Thanks,

--

Rémi

Link to comment
Share on other sites

I did some more testing, so I have to add that the entire workdevapp.com domain seems blacklisted by eset.

https://www.virustotal.com/fr/url/cd5a6ae2fa40f7a16aa606e828db50446ded4e333ae09b2480cda80491bc2e31/analysis/

But that the js file itself does not trigger eset. But it does trigger zonealarm and Kaspersky as an adware.

https://www.virustotal.com/fr/file/cec906f1fc42b843aaa4aaa12db15767882547e5e247b4e0489f76313b14da45/analysis/1539006038/

Link to comment
Share on other sites

  • 1 month later...

I have same problem I don't know how but eset endpoint antivirus started to popping up a workdevapp.com  and it's saying that adress has been blocked but when I tried to exit the window. I can't it's still popping up can someone help me please.

workdevapp.png

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...