Jump to content

ScrInject.B trojan detection on MediaFire, is this a false positive?


mashaaa
 Share

Recommended Posts

hi! i use a piece of music software called vocaloid and a few minutes ago, i went to download a vsqx (essentially a vocaloid project file) (hxxp://www.mediafire.com/file/zl6y1de5q22t2vt/Once_Upon_a_December.rar/file) from mediafire, and the website was blocked because ESET 13.0.24.0 detected a trojan called ScrInject.B. i ran it through virustotal (hxxps://www.virustotal.com/gui/url/0b19ab859aaf70e1293eca6f93c89d23c4b9ba09d89a96e61bc8294e4ce12dba/detection) and everything, including ESET, came back clean. i am very confused, could this mean it was a false positive? i am using an expired trial version, and have since swapped antiviruses, so maybe it could be a conflict? i have no idea.

Untitle.png

Edited by mashaaa
changed https:// on mediafire link to hxxps://, not taking chances
Link to comment
Share on other sites

  • Most Valued Members
3 hours ago, mashaaa said:

hi! i use a piece of music software called vocaloid and a few minutes ago, i went to download a vsqx (essentially a vocaloid project file) (hxxp://www.mediafire.com/file/zl6y1de5q22t2vt/Once_Upon_a_December.rar/file) from mediafire, and the website was blocked because ESET 13.0.24.0 detected a trojan called ScrInject.B. i ran it through virustotal (hxxps://www.virustotal.com/gui/url/0b19ab859aaf70e1293eca6f93c89d23c4b9ba09d89a96e61bc8294e4ce12dba/detection) and everything, including ESET, came back clean. i am very confused, could this mean it was a false positive? i am using an expired trial version, and have since swapped antiviruses, so maybe it could be a conflict? i have no idea.

Untitle.png

It can probably be infected or not , like one redirect was infected the other wasn't if you didn't get a detection triggered the second time , the file itself isn't infected , what is infected the page that sends you to another malicious JS script

Running an expired AV is dangerous , if you are not going to renew ESET or buy a license , you better be running Windows Defender because having an out-of-date AV is bad.

Link to comment
Share on other sites

10 hours ago, Rami said:

It can probably be infected or not , like one redirect was infected the other wasn't if you didn't get a detection triggered the second time , the file itself isn't infected , what is infected the page that sends you to another malicious JS script

Running an expired AV is dangerous , if you are not going to renew ESET or buy a license , you better be running Windows Defender because having an out-of-date AV is bad.

no worries! i swapped to a new AV when the trial licence expired, also thank you for the response. i was just really confused and you helped me out a lot :)

Edited by mashaaa
Link to comment
Share on other sites

14 hours ago, mashaaa said:

i ran it through virustotal (hxxps://www.virustotal.com/gui/url/0b19ab859aaf70e1293eca6f93c89d23c4b9ba09d89a96e61bc8294e4ce12dba/detection) and everything, including ESET, came back clean.

You can't rely of Virus Total detection because not all Eset security detection components are installed there.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...