johnosheridan 0 Posted May 26, 2014 Share Posted May 26, 2014 (edited) Hi, I have noticed a blockage trying to visit a multi media installer website the other day. Checking on eset cyber security pro, I found this virus quarantined 3 times. Here is the log content 21/03/14 17:12:50 HTTP filter archive hxxp:// www.connectmult imedia.com.au JS/Agent.NKW trojan connection terminated - quarantined 747john 21/03/14 17:11:51 HTTP filter archive hxxp:// www.connectmultimedia.c om.au JS/Agent.NKW trojan connection terminated - quarantined 747john 21/03/14 17:11:16 HTTP filter archive hxxp:// www.connectmultimedia.co.au/hom e-page JS/Agent.NKW trojan connection terminated - quarantined 747john I am doing a smart scan now, if negative, can I suppose it didn't spread into my computers, all Mac Mavericks V.10.9.3, all protected by Eset CP 6.0.9.1 Any information about this threat would be welcome, thanks, John Edited May 26, 2014 by Marcos Link to comment Share on other sites More sharing options...
Arakasi 549 Posted May 26, 2014 Share Posted May 26, 2014 Hello John, Those links need to be broken. Per the terms and rules of ESET's forums here: https://forum.eset.com/topic/76-rules-of-the-eset-security-forum/ #9 Do not post direct links to any executable files, malicious/suspicious software or web sites in public messages, even if you think the software or site is clean and incorrectly detected by ESET. Break up the URL by inserting spaces into it, or replacing the protocol handler with an obfuscated one. Unsuspecting people, especially users that are not protected by ESET and their products do not detect the trojan dropper that is being pushed out by that link according to ESET's detected threat. If you have ESET installed, you can assume you did not get infected, as the threat is being detected. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,271 Posted May 26, 2014 Administrators Share Posted May 26, 2014 The detection is correct.JS/Agent.NKW is a malicious obfuscated java script injected into web pages by certain Joomla plug-ins. For more information about the injection, please refer to Joomla's forum:hxxp://forum.joomla.org/viewtopic.php?t=795946 Link to comment Share on other sites More sharing options...
spO.Oks 0 Posted June 21, 2014 Share Posted June 21, 2014 Is that, the same as my problem? If so, what can I do? And if not... can anyone help me then? Please. Thank you. It would really be appreciated. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,271 Posted June 23, 2014 Administrators Share Posted June 23, 2014 Is that, the same as my problem? If so, what can I do? And if not... can anyone help me then? Please. Thank you. It would really be appreciated. Discussion continues here. Link to comment Share on other sites More sharing options...
Lydia1048 0 Posted February 12, 2015 Share Posted February 12, 2015 You can either automatically or manually remove the Trojan. The tools that may help: Removed by moderator Removed links as we don't want to throw the kitchen sink at every infection people need help with. Posts that offers the manual removal guides: Removed by moderator I removed these links as well because we'd like to continue to support ESET customers on the forum as opposed to link dropping them to another place on the internet. We appreciate your willingness to help, however in the future simply take the time to type out your solutions or theories for solutions as opposed to link bombing. Thanks! Link to comment Share on other sites More sharing options...
Recommended Posts