Jump to content

JS/Agent.OZD - Mylist.co.il


Recommended Posts

About 2 days ago, ESET Internet Security (13.1.21.0) has flagged my personal site https://www.mylist.co.il/ due to it intercepting the "JS/Agent.OZD" trojan. I've had this site more than 2 years and never had a problem with security issues. I suspect that this item was recently added to the ESET list? The problem has been reported to my Host Provider tech team and their scans didn't detect anything. The practical issue is that some of the features of the forum are disabled, e.g., the text box for starting new discussions or replying to one is missing. Other related features are using the "Quote" feature, and a few others. Disabling ESET resolves those problems. I suspect that this is a false positive. I think javascript items are being flagged. What can I do to resolve this issue without creating a real risk?

 
Link to comment
Share on other sites

  • ESET Insiders
7 hours ago, Marcos said:

I was unable to reproduce the detection on this website. Are you still getting the threat detected?

You should try and do investigate why you didn’t get a detection. You may find what some of us are saying, There are sporadic times that ESSP just doesn’t work, even though there are no indications it’s not working. In other words it still appears in the system tray but it’s not working. 

Link to comment
Share on other sites

  • Administrators

It was caused by using a different browser. The website was indeed compromised.

Please remove all references to:
frookshop-winsive.com
cening-setects.com

Link to comment
Share on other sites

  • Administrators
5 minutes ago, NewbyUser said:

So not all browsers have http/https scanning enabled? 

It's not about SSL scanning but about conditions that the malware uses to inject into viewed html pages.

Still, neither you nor me got the JS/Agent.OZD detection on the website, hence I assume this particular malware has been removed but another malware that injects a malicious code into viewed pages is still on the web server.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...