cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

Taplika toolbar Adware trojan Download

Jump to solution

Taplika toolbar Adware trojan Download. My Network Engineer noted that one PC has a host of attempts to download this toolbar.  VSE 88 SP9 did not detect this. Would ENS?

Stewart
1 Solution

Accepted Solutions
Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 5 of 6

Re: Taplika toolbar Adware trojan Download

Jump to solution

My guess would be some malicious advertising on a site (loaded in a background tab or hidden frame) was probably requesting it using some obfuscated JavaScript. Sometimes these scripts, frames, or pages are not caught by VSE 8.8, especially if McAfee ScriptScan is disabled; or Active Protection > Anti-Spyware Standard Protection > Protect Internet Explorer favorites and settings is not activated; or scan exclusions in policies or client tasks are not well-defined, which allow malicious web content to be downloaded into local browser caches without scanning.

As you may already know, periodically closing all browser tabs, clearing browser caches and cookies can quickly alleviate these types of suspicious requests. Hopefully, with no harm done.

View solution in original post

5 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: Taplika toolbar Adware trojan Download

Jump to solution

Hello @User27605043 ,

To check if the file is malicious we would require the sample to understand the behavior and make it detectable.

But to find if it is actually malicious

1. I would suggest to right click on that file and scan it with VSE / ENS .

2. upload the file hash in virustotal and check if it getting detected by all AV products.

3. Perform Eicar test to verify if the AV product is working fine : 
How to use the EICAR anti-malware test file with McAfee products
Technical Articles ID: KB59742

If VSE is not detecting then I would suggest to raise a Service Request with Support.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! l Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Yash T
Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 6

Re: Taplika toolbar Adware trojan Download

Jump to solution

Can you confirm with your Network Engineer that the download attempt was successful, or did a network-based anti-malware product detect it and block the download attempt from the PC? Typically, VSE 8.8 will need the file to be successfully downloaded in order to scan (and detect) the file.

If the PC is infected, however, and the file type, download folder, or client process are being excluded in VSE 8.8 scan policies or client tasks, and carried-over to ENS, then I doubt ENS will help prevent future infections of this type.  Also, broken DAT updates, engine updates, and lack of periodic scans are also things to consider.

Re: Taplika toolbar Adware trojan Download

Jump to solution

I do not believe it was ever successfully downloaded. The issue is  what was initiating the attempted download? Users seldom admit to doing this stuff on purpose. According to the Network guy this was happening for days. I am guessing it was somehow cached to continue to try over time.

Stewart
Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 5 of 6

Re: Taplika toolbar Adware trojan Download

Jump to solution

My guess would be some malicious advertising on a site (loaded in a background tab or hidden frame) was probably requesting it using some obfuscated JavaScript. Sometimes these scripts, frames, or pages are not caught by VSE 8.8, especially if McAfee ScriptScan is disabled; or Active Protection > Anti-Spyware Standard Protection > Protect Internet Explorer favorites and settings is not activated; or scan exclusions in policies or client tasks are not well-defined, which allow malicious web content to be downloaded into local browser caches without scanning.

As you may already know, periodically closing all browser tabs, clearing browser caches and cookies can quickly alleviate these types of suspicious requests. Hopefully, with no harm done.

View solution in original post

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 6

Re: Taplika toolbar Adware trojan Download

Jump to solution

Hi @User27605043,

Thank you for posting your query here. if you prefer us to have the tool bar scanned to confirm if it is malicious or not, please help us with a sample via a service Request or help me with the hash value of the file so that I can have this checked and get back to you with the results.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community