Jump to content

ESET Sysinspector show a windows task as dangerous


Recommended Posts

Hi guys,

Why ESET Sysinspector is showing this Windows task as dangerous:image.thumb.png.9bc66ba318f22e93e818f1e831483273.png

You can see the Sysinspector log in the attachment. 

My customer is asking about this but i dont know why this is dangerous. Can someone help me?

Regards.

SysInspector-KE10DESARROLLO2-191216-090230.zip

Link to comment
Share on other sites

  • Administrators

No. SysInspector logs are intended to be analyzed by advanced users and ESET staff with experience with analyzing malware when it comes to analyzing particular suspicious files.

Link to comment
Share on other sites

What is calluxxprovider.vbs:

Quote

calluxxprovider.vbs is used when using Server Manager to collect performance data on servers.This is activated in Server manager, select server, right-click and select "Start Performance Counters". This will create a data collector set on that server, user defined called "Server Manager Performance Monitor". In this task the script calluxxprovider.vbs is scheduled to clean up all logs older than 7 days. So, when accessing performance in Server manager, these files are used to show the performance data.

https://social.technet.microsoft.com/Forums/windows/en-US/5aa8e440-e2ec-40f2-b0f1-73c75bf7dab8/can-anybody-tell-me-what-calluxxprovidervbs-does?forum=winservergen

It appears that the script per se is not malicious. However, it could have been modified by malware. I would submit the script to Virus Total to determine if other solutions find something.

Link to comment
Share on other sites

Also according to this: https://skatterbrainz.wordpress.com/2016/02/05/legacy-code-still-alive-in-microsoft-products/ , this .vbs script only exists on Win Server 2012 R2. As such if it exists on another Win version, I would treat it as suspect.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...