Jump to content

Recommended Posts

Posted

Hello,

Everytime i open Edge, there is always detection JS/Chromex.Agent.BB trojan

Here the log

Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
31/03/2021 16.13.45;HTTP filter;file;hxxp://msedgeextensions.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/ec8e6675-6ab7-4c6a-ba5a-a4d7aa5092e9?P1=1617718235&P2=404&P3=2&P4=BV6AskZngUBws3JtBxi8QFFY+K48cNGp+SWP9VxHGm495tIqIikMtaMZ8+pvCLkjp6Zn8UHya71mG0ZVUN7wmg==;JS/Chromex.Agent.BB trojan;connection terminated;HAW\ad;Event occurred during an attempt to access the web by the application: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (8AC8D2468840D73376AA087254097D141026DCDE).;AC15133243681AB240149B1B7CFDEDC18960334D;

 

Is this real trojan or false positif?


Thank You,

  • Administrators
Posted

I've submitted the file to samples[at]eset.com to get it checked. I'll let you know when I hear back about the result.

Posted

Eset not alone in this detection per below VirusTotal screen shot. However, most of the other AV vendor detection's appear to be generic ones:

Eset_Edge.thumb.png.ef7b758cf67ac776a222e0f90b1771f3.png

Posted

Also, I don't use Edge but I did open it to see if I could duplicate this issue. Other than it appears to have recently updated, I did not receive any Eset detection. Ditto for a second opening of Edge. Now I do use uBlock Origin on Edge , so it is possible it is blocking the source of this Javascript detection on the Edge home (default one) page.

Posted

looks like an extension. I would  reset the browser and check if the detection still occurs.

Posted
18 hours ago, Marcos said:

I've submitted the file to samples[at]eset.com to get it checked. I'll let you know when I hear back about the result.

Thank you.

 

14 hours ago, itman said:

Also, I don't use Edge but I did open it to see if I could duplicate this issue. Other than it appears to have recently updated, I did not receive any Eset detection. Ditto for a second opening of Edge. Now I do use uBlock Origin on Edge , so it is possible it is blocking the source of this Javascript detection on the Edge home (default one) page.

i install it, but Eset still detect.

8 hours ago, kermit80 said:

looks like an extension. I would  reset the browser and check if the detection still occurs.

yes, at first i think it's because extention. then i remove all extention, reset settings but still.

  • Administrators
Posted

It was confirmed that the extension is malicious. I had doubts if it was malicious since its component had 0 detections at VT but was detected by ESET locally:

Utils.js - JS/Chromex.Agent.BB trojan

 

Posted
7 hours ago, Marcos said:

Utils.js - JS/Chromex.Agent.BB trojan

Fixing this it appears is going to be a "real bear." Utils.js is an OS component also used by many apps: https://www.exefiles.com/en/js/utils-js/ . As such, this might not be just an Edge issue related to some extension it is using.

Further details on Utils.js here: http://www.utilsjs.com/

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...