Jump to content

HTML/ScrInject.B trojan - No action taken


DaveBOpt

Recommended Posts

I've had a warning for HTML/ScrInject.B trojan on https://bid.rxrtb.com with 'no action'  

What does this mean? ESET has detected a threat but hasn't done anything about it?

What's the best practice here?

Link to comment
Share on other sites

  • Administrators

This detection requires the user to select the desired action unless strict cleaning is used. If no action was chosen, the file was only blocked. I would like to ask you to provide me with logs gathered by ESET Log Collector on that machine with also "quarantined files" selected since I was unable to reproduce the detection.

image.png

 

Link to comment
Share on other sites

1 hour ago, Marcos said:

This detection requires the user to select the desired action unless strict cleaning is used. If no action was chosen, the file was only blocked. I would like to ask you to provide me with logs gathered by ESET Log Collector on that machine with also "quarantined files" selected since I was unable to reproduce the detection.

image.png

 

Thanks I'll do this ASAP - machine is in a remote location.

Edited by DaveBOpt
Link to comment
Share on other sites

27 minutes ago, itman said:

The web site is not accessible;  404 error - page not found.

I had the same results. Just checking whether we should be taking any action as best practice. 

As the user didn't select an option, do you think it's wise to mark as 'Resolved' ?

Link to comment
Share on other sites

I will say this. I had a similar browser based HTML detection using EIS last month.

I posted on the forum about it because I had two questions. The first was why the log entry for it showed no action taken and the entry was shown in red color. As this: https://forum.eset.com/topic/17986-detected-threat-shows-in-red/?do=findComment&comment=88763 shows, Eset Web Protection which I have the ThreatSense setting set to Normal protection cleaned the threat with no user interaction required. As for no Eset quarantine event being recorded, I assumed this was correct since nothing ever hit the disk to be captured.

I am still puzzled why the log event showed no action. As to the red color of the log entry, I never received a response.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...