Jump to content

JS/Spigot.B


Recommended Posts

  • 1 month later...

If that message is coming up when you launch chrome/Firefox each time, disable eset then launch. What is happening is eset is catching it and preventing it from loading however the setting is there to try to load it every time. By disabling eset the extension loads allowing you to remove it like any other extension.

Link to comment
Share on other sites

  • 3 weeks later...
1 hour ago, jonathanbrickman0000 said:

Our ESET management center is reporting many machines at several sites with JS/Spigot.B.  How can we best use ESET Endpoint 7.0 or 7.1 to delete these extensions and also block them from ever being installed? 

As far as preventing installation of malicious chrome extensions, they and add-on installations need to be managed via policy methods. Here's an article on how to do so: http://woshub.com/how-to-configure-google-chrome-via-group-policies/ .

As far as Eset goes, do you have for Real-time file system protection -> Detection Engine -> Scanner Options all the following enabled on the endpoints?

  • Detection of potentially unwanted applications
  • Detection of potentially unsafe applications
  • Detection of suspicious applications

If the above are all enabled, you can set Real-time protection ThreatSense -> Parameters -> Cleaning level to "Strict clearing." Doing so will eliminate any PUA pop-ups from Eset on the endpoints requiring user action and automatically delete and quarantine the file.

Link to comment
Share on other sites

  • Administrators
9 hours ago, jonathanbrickman0000 said:

Our ESET management center is reporting many machines at several sites with JS/Spigot.B.  How can we best use ESET Endpoint 7.0 or 7.1 to delete these extensions and also block them from ever being installed?

For a start it'd be good to get logs collected with ESET Log Collector from such machine. In managed environment, PUAs are cleaned automatically regardless of the cleaning type.

Link to comment
Share on other sites

Thank you, Marcos.  I did a bit of checking and found that indeed, JS/Spigot.B is being deleted as soon as it comes.  The only odd thing is, the ESET console does not report any action taken, even though action was clearly taken, it just reports that the threats exist, I have to manually tell it that resolution has occurred.  Is there a setting of some sort I am missing?

Link to comment
Share on other sites

  • 1 month later...

After experiencing this issue while using the trial version and reading all the posts concerning it and ESET's lack of support on this I have decided I will not be going ahead and purchasing a licence for 12 machines

Link to comment
Share on other sites

  • Administrators
9 minutes ago, Terry Hancock said:

After experiencing this issue while using the trial version and reading all the posts concerning it and ESET's lack of support on this I have decided I will not be going ahead and purchasing a licence for 12 machines

ESET detected Spigot PUA which is correct, isn't it? Most of other AVs would not probably detect it at all.

ESET JS/Spigot.B application potentially unwanted
Symantec     clean
Avast        clean
Microsoft    clean
Avira        clean
DrWeb        clean
Bitdefender  Application.Redirects.B JS
Kaspersky    not-a-virus:AdWare.JS.ChromeExt.i
McAfee       clean

To prevent Chrome from downloading Spigot again and again, one may need to disable syncing of Chrome extensions as per https://support.eset.com/kb6551/.

I'm failing to see what the problem is. Please elaborate more on the issue you are having.

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...