nzo12 0 Posted November 21, 2015 Share Posted November 21, 2015 Today I opened ESPN, as I normally do every day, and I got an alert as soon as I started playing a video embedded on their main page. Played a different video and same thing. Of course this is a little unnerving and this is my first alert in over a year. The last one was a false positive as well. The object names are as follows: hxxp://player.ooyala.com/static/modules/analytics-.......(erased end to comply w/ rules). hxxp://cdn.modules.ooyala.com/static/modules/analytics-.......(erased end to comply w/ rules) E:\Users\UserName\AppData\Local\Google\Chrome\User Data\Profile 3\Cache\f_000337 Reason for all are "swf/exploit.agent.jm trojan" Any thoughts or advice would be greatly appreciated! Link to comment Share on other sites More sharing options...
Administrators Marcos 5,071 Posted November 23, 2015 Administrators Share Posted November 23, 2015 Are you positive that you're using the most current signature database? Link to comment Share on other sites More sharing options...
nzo12 0 Posted November 24, 2015 Author Share Posted November 24, 2015 Yep up to date. I have gotten an alert since that date. Maybe the new database does not capture it? I also ran the files in quarantine on VirusTotal and came up clean. Safe to assume it was a false positive? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,071 Posted November 26, 2015 Administrators Share Posted November 26, 2015 I think this detection was removed about Nov 20 but I'm not completely sure. If the file is still detected on the computer, run ESET Log Collector as per the instructions at hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3466and provide me with the output via a personal message. Link to comment Share on other sites More sharing options...
Recommended Posts