Jump to content

"Adware.Agent.AA application" found when creating a backup for my iPhone


Recommended Posts

Hi ESET,

Recently I have been having an issue where a warning of "Adware.Agent.AA application" pops up every time I try to synchronize and/or create a backup for my iPhone. It cleans the file every single time.

The issue remains though and keeps stopping me from finishing the backup - leaving me to pause the entire protection and disconnect from the internet to be able to backup. This is unsustainable. 

 

Can anyone help me with this? I would love some support on this topic. I have talked to Apple and they have referred me to you. 

 Hope you can help me!

Best regards/

Justusson

 

Time;Scanner;Object type;Object;Threat;Action;User;Information;Hash;First seen here
2019-01-27 21:22:31;Real-time file system protection;file;E:\iPhone - Backup\0e7b0c8f461e70c1f978692ed6b65499266ac1e4\Snapshot\4f\4fe457df9af4825a23a2459835ab4270a4010bc8.upload;JS/Adware.Agent.AA application;cleaned by deleting;JUSTUSSON\Christoffer;Event occurred on a new file created by the application: C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe (FD162EA135DE4C50B40DC96E638CE0CDD7AFE50C).;ED63E9CDBF66FA8146219489199496E38507D19D;2019-01-27 21:22:24
 

Link to comment
Share on other sites

  • Administrators

You could gather logs with quarantined files (needs to be selected in the ELC menu) using ESET Log Collector (ELC). We can then check what exactly was detected but I assume it was an html file that loads external ads from a questionable ad provider.

Link to comment
Share on other sites

Hi!

Thanks both for your replies!

Marcos:

The html-file sounded familiar - I tried to look into the file last time but I had a hard time finding the files themselves on the iphone, but instead noticed some in the backup on my computer. 

Is there a specific path on the log, where I can find the content of which is affecting this, for the iPhone itself? I’m running a pc, so I cannot look into the iOS itself straight up. 

Thanks!

Best regards!

/

 

Edited by Justusson
Link to comment
Share on other sites

  • Administrators

Since it was detected on a Windows machine, it should be in quarantine. Please gather logs with ESET Log Collector but also with "quarantined files" selected in the ELC menu. The detected file will be included in the generated archive and we'll be able to check what exactly was detected.

Link to comment
Share on other sites

Thank you Marcos!

I originally had a thought that it might have been a specific internet app which behaved differently than the others. 

It seems to have been the case! I deleted all the saved adresses in this particular app - though they still exist in another app - and now the back-up went as smooth as possible! 

Thank you! You have saved me from tons of work!

Best regards/

Link to comment
Share on other sites

  • Most Valued Members
On 1/27/2019 at 10:39 PM, Justusson said:

Hi ESET,

Recently I have been having an issue where a warning of "Adware.Agent.AA application" pops up every time I try to synchronize and/or create a backup for my iPhone. It cleans the file every single time.

The issue remains though and keeps stopping me from finishing the backup - leaving me to pause the entire protection and disconnect from the internet to be able to backup. This is unsustainable. 

 

Can anyone help me with this? I would love some support on this topic. I have talked to Apple and they have referred me to you. 

 Hope you can help me!

Best regards/

Justusson

 

Time;Scanner;Object type;Object;Threat;Action;User;Information;Hash;First seen here
2019-01-27 21:22:31;Real-time file system protection;file;E:\iPhone - Backup\0e7b0c8f461e70c1f978692ed6b65499266ac1e4\Snapshot\4f\4fe457df9af4825a23a2459835ab4270a4010bc8.upload;JS/Adware.Agent.AA application;cleaned by deleting;JUSTUSSON\Christoffer;Event occurred on a new file created by the application: C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe (FD162EA135DE4C50B40DC96E638CE0CDD7AFE50C).;ED63E9CDBF66FA8146219489199496E38507D19D;2019-01-27 21:22:24
 

Is that backup includes the cache in the Browsers? , Did you check all of the apps that you have that none of them looks suspicious ?

I don't know if ESET is available in iOS , if not try to use another scanner that is available on AppStore and let it deep scan your phone and see if it catches anything , maybe you could know the source of JS/Adware.Agent.AA

Edited by Rami
Link to comment
Share on other sites

  • ESET Support
On 1/31/2019 at 12:31 PM, Rami said:

Is that backup includes the cache in the Browsers? , Did you check all of the apps that you have that none of them looks suspicious ?

I don't know if ESET is available in iOS , if not try to use another scanner that is available on AppStore and let it deep scan your phone and see if it catches anything , maybe you could know the source of JS/Adware.Agent.AA

There are no AV solutions for iOS. Every app runs in sandbox. 

Link to comment
Share on other sites

  • Most Valued Members
Just now, notimportant said:

There are no AV solutions for iOS. Every app runs in sandbox. 

Argh , I see , I didn't know that I have never used an Apple product hehe.

Thanks for telling me.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...