Jump to content

ScrInject.B trojan detection on MediaFire, is this a false positive?

mashaaa

By mashaaa
in Malware Finding and Cleaning

 Share

Recommended Posts

mashaaa

mashaaa 0

Posted
Posted (edited)

hi! i use a piece of music software called vocaloid and a few minutes ago, i went to download a vsqx (essentially a vocaloid project file) (hxxp://www.mediafire.com/file/zl6y1de5q22t2vt/Once_Upon_a_December.rar/file) from mediafire, and the website was blocked because ESET 13.0.24.0 detected a trojan called ScrInject.B. i ran it through virustotal (hxxps://www.virustotal.com/gui/url/0b19ab859aaf70e1293eca6f93c89d23c4b9ba09d89a96e61bc8294e4ce12dba/detection) and everything, including ESET, came back clean. i am very confused, could this mean it was a false positive? i am using an expired trial version, and have since swapped antiviruses, so maybe it could be a conflict? i have no idea.

Untitle.png

Edited by mashaaa
changed https:// on mediafire link to hxxps://, not taking chances
Link to comment
Share on other sites
  • Most Valued Members
Nightowl

Nightowl 198

Posted
  • Most Valued Members
Posted
3 hours ago, mashaaa said:

hi! i use a piece of music software called vocaloid and a few minutes ago, i went to download a vsqx (essentially a vocaloid project file) (hxxp://www.mediafire.com/file/zl6y1de5q22t2vt/Once_Upon_a_December.rar/file) from mediafire, and the website was blocked because ESET 13.0.24.0 detected a trojan called ScrInject.B. i ran it through virustotal (hxxps://www.virustotal.com/gui/url/0b19ab859aaf70e1293eca6f93c89d23c4b9ba09d89a96e61bc8294e4ce12dba/detection) and everything, including ESET, came back clean. i am very confused, could this mean it was a false positive? i am using an expired trial version, and have since swapped antiviruses, so maybe it could be a conflict? i have no idea.

Untitle.png

It can probably be infected or not , like one redirect was infected the other wasn't if you didn't get a detection triggered the second time , the file itself isn't infected , what is infected the page that sends you to another malicious JS script

Running an expired AV is dangerous , if you are not going to renew ESET or buy a license , you better be running Windows Defender because having an out-of-date AV is bad.

Link to comment
Share on other sites
mashaaa

mashaaa 0

Posted
  • Author
Posted (edited)
10 hours ago, Rami said:

It can probably be infected or not , like one redirect was infected the other wasn't if you didn't get a detection triggered the second time , the file itself isn't infected , what is infected the page that sends you to another malicious JS script

Running an expired AV is dangerous , if you are not going to renew ESET or buy a license , you better be running Windows Defender because having an out-of-date AV is bad.

no worries! i swapped to a new AV when the trial licence expired, also thank you for the response. i was just really confused and you helped me out a lot :)

Edited by mashaaa
Link to comment
Share on other sites
itman

itman 1,628

Posted
Posted
14 hours ago, mashaaa said:

i ran it through virustotal (hxxps://www.virustotal.com/gui/url/0b19ab859aaf70e1293eca6f93c89d23c4b9ba09d89a96e61bc8294e4ce12dba/detection) and everything, including ESET, came back clean.

You can't rely of Virus Total detection because not all Eset security detection components are installed there.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...