Jump to content

Recommended Posts

Hello.  Upon starting my computer today it did the "configuring Windows" three times before completing, then an ESET window came up with this message:

A threat (HTML/ScrInject.B) was found in a file that Microsoft Windows Search Protocol Host tried to access.  It can only be removed by deleting the file which can cause problems if the file belongs to the operating system.

So I'm not sure what to do at this point.  Please advise.

Thank you!

Share this post


Link to post
Share on other sites

Please carry on as follows:

- download and launch ESET Log Collector
- also select "Quarantined files" in the list
- gather logs and other files
- post the generated archive here.

Share this post


Link to post
Share on other sites

Thank you so much for responding.  I believe this is the information you're requesting.  I copied it from the box titles "Operation Log".  If this isn't correct, please tell me where to find the correct logs.

[15:42:58 PM] ESET Log Collector v3.2.0.1 (9/11/2018) - 64 bit
[15:42:58 PM] Copyright (c) 1992-2018 ESET, spol. s r.o. All rights reserved.
 

Share this post


Link to post
Share on other sites

Sorry Marcos, I just realized I didn't copy the whole list.  Here it is:

 

Share this post


Link to post
Share on other sites

I don't need the operation log generated by ELC but the whole archive that was generated.

Share this post


Link to post
Share on other sites

Sorry about that, obviously I'm not very well versed in these things. :)  It archived a zip file, and I've attached it here.  Is this what you need?

eav_logs.zip

Share this post


Link to post
Share on other sites
Quote

A threat (HTML/ScrInject.B) was found in a file that Microsoft Windows Search Protocol Host tried to access.

There's nothing like that in the logs you provided. The only detections were:

Win32/Bundled.Toolbar.Ask.G pot. unsafe app.
HTML/Refresh.BC

Share this post


Link to post
Share on other sites

Ok, thank you for looking into it.  At this point, I guess I just need to know which button to click - delete or ignore threat?  I'm concerned about deleting because of the warning about the operating system.

Share this post


Link to post
Share on other sites

Select Delete. It should be basically only temporary html files on a disk when an interaction is required. If you open a website where this detection is triggered, access is blocked automatically.

Share this post


Link to post
Share on other sites

Ok, thank you so much for all of your help!  Have a wonderful day!

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...