Jump to content

JS/Agent.OZD - Mylist.co.il


Recommended Posts

About 2 days ago, ESET Internet Security (13.1.21.0) has flagged my personal site https://www.mylist.co.il/ due to it intercepting the "JS/Agent.OZD" trojan. I've had this site more than 2 years and never had a problem with security issues. I suspect that this item was recently added to the ESET list? The problem has been reported to my Host Provider tech team and their scans didn't detect anything. The practical issue is that some of the features of the forum are disabled, e.g., the text box for starting new discussions or replying to one is missing. Other related features are using the "Quote" feature, and a few others. Disabling ESET resolves those problems. I suspect that this is a false positive. I think javascript items are being flagged. What can I do to resolve this issue without creating a real risk?

 
Link to comment
Share on other sites

  • ESET Insiders
7 hours ago, Marcos said:

I was unable to reproduce the detection on this website. Are you still getting the threat detected?

You should try and do investigate why you didn’t get a detection. You may find what some of us are saying, There are sporadic times that ESSP just doesn’t work, even though there are no indications it’s not working. In other words it still appears in the system tray but it’s not working. 

Link to comment
Share on other sites

  • Administrators

It was caused by using a different browser. The website was indeed compromised.

Please remove all references to:
frookshop-winsive.com
cening-setects.com

Link to comment
Share on other sites

  • Administrators
5 minutes ago, NewbyUser said:

So not all browsers have http/https scanning enabled? 

It's not about SSL scanning but about conditions that the malware uses to inject into viewed html pages.

Still, neither you nor me got the JS/Agent.OZD detection on the website, hence I assume this particular malware has been removed but another malware that injects a malicious code into viewed pages is still on the web server.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...