HTML/Scrinject.B.Gen virus false positive?

[Marcos 5,074]

Excuse me for that!

here it is www.cavalier-noir.org

 

The website was compromised and was serving malware a few days ago. Did you also take measures to prevent re-infection?

[Aywen 0]

 

Excuse me for that!

here it is www.cavalier-noir.org

 

The website was compromised and was serving malware a few days ago. Did you also take measures to prevent re-infection?

 

I cleaned everything, scaned it myself and asked my host to scan it as well, we found nothing.

Is there any other way to find the threat and remove it? I want to protect my audience!

[Marcos 5,074]

 

 

Excuse me for that!

here it is www.cavalier-noir.org

 

The website was compromised and was serving malware a few days ago. Did you also take measures to prevent re-infection?

 

I cleaned everything, scaned it myself and asked my host to scan it as well, we found nothing.

Is there any other way to find the threat and remove it? I want to protect my audience!

 

 

The threat was found in the /wp-content/plugins folder. Since it's no longer there, we unblocked that url yesterday.

[Aywen 0]

 

 

 

Excuse me for that!

here it is www.cavalier-noir.org

 

The website was compromised and was serving malware a few days ago. Did you also take measures to prevent re-infection?

 

I cleaned everything, scaned it myself and asked my host to scan it as well, we found nothing.

Is there any other way to find the threat and remove it? I want to protect my audience!

 

 

The threat was found in the /wp-content/plugins folder. Since it's no longer there, we unblocked that url yesterday.

 

Thank you!

[Erwan960 0]

Eset found HTML/ScrInject.B.Gen virus on hxxp://www.xsimulator.net

The site has been fully scanned and nothing has been found. Is it a false positive ?

 

Thanks.

[Marcos 5,074]

Eset found HTML/ScrInject.B.Gen virus on hxxp://www.xsimulator.net

The site has been fully scanned and nothing has been found. Is it a false positive ?

The website has recently been serving malware and thus was blocked. This forum doesn't serve for reporting false positives as it's ESET Malware Research Lab that should be notified.

[softgozar 0]

hi

please check this forum:)

 

forum.softgozar.com for html/scrinject.b.gen-virus

 

thank you

[softgozar 0]

result of virus total:)

 

https://www.virustotal.com/en/url/1bed5d897818d03edb8a9897c11b5b514cb88598ea9e15849dcbedaee33341f9/analysis/

 

https://www.virustotal.com/en/file/93d4de3b1b58438f43138471369e8302a1f148479abe532d2d0f826018324061/analysis/1412130600/

[Sean L. 0]

Hi, Marcos.

 

I'm having an issue with the following webiste: www.massacrevideo.com which is a legit company that belongs to a friend of mine that re-releases rare and obscure Horror films on DVD/Blu-Ray/VHS and I've been getting the following screen message:

 

 

 

I contacted my friend and he said he would look into it, but I figured I'd also report it to you to see if ESET can tell me anything about this issue. It's a wordpress site. I've been on his site countless time and this is the first time I've ever had this issue. I'm running ESET Smart Security 8 v. 8.0.304.0

 

Thank you very much!

[foneil 342]

Hi, Marcos.

 

I'm having an issue with the following webiste: www.massacrevideo.com which is a legit company that belongs to a friend of mine that re-releases rare and obscure Horror films on DVD/Blu-Ray/VHS and I've been getting the following screen message:

 

 

 

I contacted my friend and he said he would look into it, but I figured I'd also report it to you to see if ESET can tell me anything about this issue. It's a wordpress site. I've been on his site countless time and this is the first time I've ever had this issue. I'm running ESET Smart Security 8 v. 8.0.304.0

 

Thank you very much!

 

Use the following web page to report a site: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN141

[BlueSteelAU 0]

i'm getting a

Threat detected

Access to the web page was blocked.
hxxp://ipadian.ps4em.com

Threat: HTML/ScrInject.B.Gen virus

i've checked it out at https://sitecheck.sucuri.net/results/ipadian.ps4em.com
seems to be clean and it states that its not on one of your blacklists

and it won't let me go there

 

[Tudor 0]

Hi.I have the same problem with Steam Store. Also, when I searched for the error, I found someone that was talking about it, but I couldn't open the page ( hxxp://c.cldlr.com/?s2=JMC885.RO_Fyibuqwvc6-PZaHBTdvIQe&a=20565&c=77369&p=r&E=I6uxYpRo6jY=&s1= ) because of the same reason.

[Tudor 0]

P.S. Actually, 90% of the pages I visited have this error.Almost every Steam page has this, even the news in some games.

 

[Manoj 0]

Hi. This is the message I am getting.  HTML/ScrInject.B.Gen virus.

 

I am unable to access ANY WEBSITE, and its hampering my work. Please can you help?

[Manoj 0]

The funny thing is that even hxxp://go.eset.eu/kb-http-threat?lng=1033is blocked by your own software. I cannot even access the knowledge base. 

 

Can you look at this and revert. 

 

Thanks and best regards

 

Manoj

[cgcheah 0]

Good  Day ,

 

I am cheah , our company web site :thongguan.com been block
by your antivirus / security due to prompt virus detect: HTML/ScrInject.B.Gen virus

Kindly remove from virus list ASAP and i confirm our web hosting server
are clean

 

thank and best regard
cheah

[StefanB 0]

Hi there,

 

I am owner of noemisworld.com and last week we received reports from our member that ESET start warning about HTML/ScrInject.B.Gen virus on my website. I checked my site for virus and threads and solved problems with virus. 

On this case, please remove  from virus list and confirm me on that my site is clean now.

 

Thanks,

Stefan

[Jonny 0]

I got this warning today when using NUGET in Visual Studio to install Newtonsoft.JSON.

 

[Xordan 0]

hi,

 

i have just had this same msg as other above pop up twice in the last 10 mins

 

the website is hxxp://forum.sealordsvf.org

 

what should i do, as it is my friends website

[Marc_JOVI 0]

Good morning,

 

I've just started receiving an ESET's error message while surfing the internet in some web pages such as amazon.es, ebay, microsoft tech blogs, etc.

 

Please find attached a screenshot from Endpoint's quarantine.

 

Could it be false positive as commented on the post? It's quite strange to be warned on these kind of web pages, isn't it?

 

Thank you.

Marc Carpena

Barcelona - Catalunya.

 

[giasuketoantruong 0]

Plz check it ????????? I am angrry
If i vistit home website : hxxp://giasuketoantruong.com/---> Nomarl
If i visit site link website: hxxp://giasuketoantruong.com/index.php?option=com_content&view=article&id=171:khoa-hoc-ke-toan-vien-nang-cao&catid=38:cac-khoa-hoc-thuc-hanh&Itemid=72 
--- > Access to the web page was blocked.  Show URL

Threat: JS/ScrInject.B trojan


Why ???????????????????????????
​

[fredmc 0]

Hi,

Since this morning I'm stucked on some websites like amazon (actually got an error with this threat on nearly all messages). For example, when I connect to amazon it's fine but when I'm doing a research (for example rechargable battery), Nod 32 Av blocked me and I can't go further.

Please do something. Imho it's a false positive, because everything went fine yesterday and I didn't install anything since yesterday.

Thanks

[Marc_JOVI 0]

Hi all,

 

Regarding my last post, the problem seems to be something general and widespread on our company. Several users reported the same behavior on different web pages this morning; all of them were warned about the Trojan and their connections to these websites have been blocked, so we need some help/support asap.

 

Moreover, I've just been warned about HTML/BC TROJAN... What's happening?!

 

Thank you.

Marc

[neo002 1]

my website has been blocked by NOD32 antivirus " JS/ScrInject.B "

>>> hxxp://www.seriesded.com/

 

Please help me to fix this

[FREESAT 0]

Our website has been blocked by NOD32 antivirus " JS/ScrInject.B "

 

hxxp://ifreesat.in

 

Please solve this problem !!!!

Edited April 1, 2016 by FREESAT