Fkofilee 0 Posted November 22, 2022 Share Posted November 22, 2022 Hi All I am trying to download a software from a portal. This software is used to provide VOIP Telephony Client to our customers that we develop in conjunction with our partners. Recently, Eset Antivirus / Endpoint Security / Eset Internet Security is showing the download containing malware, yet when disabling the Protection, then re-enabling and scanning said file - No issues are found. Already submitted as an urgent request to whitelist the file as we need to provide this update to our clients, but this has not yielded a result. Can someone take a look at it for me? FKO CirrusVOIPClient.zip Link to comment Share on other sites More sharing options...
Administrators Marcos 4,713 Posted November 22, 2022 Administrators Share Posted November 22, 2022 I assume it's rather a potentially unwanted or unsafe application which was detected and not an actual threat. Unfortunately neither the standard password "infected" nor any of the passwords I've tried worked so I could not unpack the files from the archive and scan them. What password did you use? Link to comment Share on other sites More sharing options...
Fkofilee 0 Posted November 22, 2022 Author Share Posted November 22, 2022 Sorry forgot to put the password Clean33! It doesnt come up as a PUA though which is what threw me off. Apologies. Link to comment Share on other sites More sharing options...
Fkofilee 0 Posted November 22, 2022 Author Share Posted November 22, 2022 It occurs when downloading from the following addresses which is the verfied source. They instantly go into Quarantine, it doesnt matter which browser is used etc https://portal.cirrusresponse.com/download/app/install_5.0.5.26_27_32.msihttps://portal.cirrusresponse.com/download/app/install_5.0.5.26_27_64.msi Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 4,713 Posted November 22, 2022 Administrators Solution Share Posted November 22, 2022 I was able to find the root cause of detection, it will be fixed within a couple of minutes. Thanks for the heads-up. Link to comment Share on other sites More sharing options...
Fkofilee 0 Posted November 22, 2022 Author Share Posted November 22, 2022 Ta muchly. Does the Endpoint Client need to be updated in anyway? If so what is the timescale I should expect for it to filter through? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,713 Posted November 22, 2022 Administrators Share Posted November 22, 2022 It should take only a couple of minutes, no manual intervention is needed. Link to comment Share on other sites More sharing options...
Fkofilee 0 Posted November 22, 2022 Author Share Posted November 22, 2022 Thank you for confirming Finally - Are you able to tell me why it was doing it? If not - no worries, just need to cover all bases. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,713 Posted November 22, 2022 Administrators Share Posted November 22, 2022 It was a false positive like any other, in this case caused by a loose detection that could trigger also FPs upon downloading specific msi installers. Link to comment Share on other sites More sharing options...
Recommended Posts