Jump to content

Archived

This topic is now archived and is closed to further replies.

mashaaa

ScrInject.B trojan detection on MediaFire, is this a false positive?

Recommended Posts

hi! i use a piece of music software called vocaloid and a few minutes ago, i went to download a vsqx (essentially a vocaloid project file) (hxxp://www.mediafire.com/file/zl6y1de5q22t2vt/Once_Upon_a_December.rar/file) from mediafire, and the website was blocked because ESET 13.0.24.0 detected a trojan called ScrInject.B. i ran it through virustotal (hxxps://www.virustotal.com/gui/url/0b19ab859aaf70e1293eca6f93c89d23c4b9ba09d89a96e61bc8294e4ce12dba/detection) and everything, including ESET, came back clean. i am very confused, could this mean it was a false positive? i am using an expired trial version, and have since swapped antiviruses, so maybe it could be a conflict? i have no idea.

Untitle.png

Share this post


Link to post
Share on other sites
3 hours ago, mashaaa said:

hi! i use a piece of music software called vocaloid and a few minutes ago, i went to download a vsqx (essentially a vocaloid project file) (hxxp://www.mediafire.com/file/zl6y1de5q22t2vt/Once_Upon_a_December.rar/file) from mediafire, and the website was blocked because ESET 13.0.24.0 detected a trojan called ScrInject.B. i ran it through virustotal (hxxps://www.virustotal.com/gui/url/0b19ab859aaf70e1293eca6f93c89d23c4b9ba09d89a96e61bc8294e4ce12dba/detection) and everything, including ESET, came back clean. i am very confused, could this mean it was a false positive? i am using an expired trial version, and have since swapped antiviruses, so maybe it could be a conflict? i have no idea.

Untitle.png

It can probably be infected or not , like one redirect was infected the other wasn't if you didn't get a detection triggered the second time , the file itself isn't infected , what is infected the page that sends you to another malicious JS script

Running an expired AV is dangerous , if you are not going to renew ESET or buy a license , you better be running Windows Defender because having an out-of-date AV is bad.

Share this post


Link to post
Share on other sites
10 hours ago, Rami said:

It can probably be infected or not , like one redirect was infected the other wasn't if you didn't get a detection triggered the second time , the file itself isn't infected , what is infected the page that sends you to another malicious JS script

Running an expired AV is dangerous , if you are not going to renew ESET or buy a license , you better be running Windows Defender because having an out-of-date AV is bad.

no worries! i swapped to a new AV when the trial licence expired, also thank you for the response. i was just really confused and you helped me out a lot :)

Share this post


Link to post
Share on other sites
14 hours ago, mashaaa said:

i ran it through virustotal (hxxps://www.virustotal.com/gui/url/0b19ab859aaf70e1293eca6f93c89d23c4b9ba09d89a96e61bc8294e4ce12dba/detection) and everything, including ESET, came back clean.

You can't rely of Virus Total detection because not all Eset security detection components are installed there.

Share this post


Link to post
Share on other sites

Moreover, url scan and website content scan are two completely different things.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...