jimwillsher 65 Posted February 29, 2016 Posted February 29, 2016 We should be happy that it didn't nuke critical Windows files like some other AV vendors' false positive have done :-)
Ronald_PNO 0 Posted February 29, 2016 Posted February 29, 2016 Same problem with our website, glad I found this thread otherwise I might would have set a website backup back.
davidpitt 4 Posted February 29, 2016 Posted February 29, 2016 We should be happy that it didn't nuke critical Windows files like some other AV vendors' false positive have done :-) lol yeah, that would've not been a happy Monday!
rpremuz 6 Posted February 29, 2016 Posted February 29, 2016 We have the same issue with Endpoint AV v. 6.2.2033.0 and virus signature database 13102. Alerts mention the following threads: JS/ScrInject.B trojan HTML/Refresh.BC trojan HTML/Phishing.Agent.B trojan
NilsJ 0 Posted February 29, 2016 Posted February 29, 2016 yep we're even getting it on our own ticketsystems editor (ckeditor.js). signature: 13102 (20160229)
Thouthou 0 Posted February 29, 2016 Posted February 29, 2016 Issue seems to be related since signature update 13102 Very annoying
mingtel 0 Posted February 29, 2016 Posted February 29, 2016 So do you think this is a ESET prob? Not handy that we cant do anything today. Cant get onto bank site or anywhere for that matter, a real pain
CMS 8 Posted February 29, 2016 Posted February 29, 2016 Would be nice to hear from someone at ESET. Should be part of a contingency to post on the forums in a situation like this...
Solution CMS 8 Posted February 29, 2016 Solution Posted February 29, 2016 Ah, there we go https://forum.eset.com/topic/7567-jsscrinjectb-and-htmlrefreshbc-false-positive/
MikeG 0 Posted February 29, 2016 Posted February 29, 2016 Same problem here...roll out an update eset
Tony Spooner 0 Posted February 29, 2016 Posted February 29, 2016 Go to this topic for ESET Response: https://forum.eset.com/topic/7567-jsscrinjectb-and-htmlrefreshbc-false-positive/ It is a problem with 13102 update, will be sorted with 13103 We will wait and see
doug.morrison 0 Posted February 29, 2016 Posted February 29, 2016 Managed to get through to the helpdesk via direct email to one of their techs, his response follows: It is being worked on, we are as you can imagine very busy. The situation can be resolved if the user rolls back the signature updates. The problem should be resolved soon with another update, the broken update has already been pulled so no further customers should get affected by it. As stated by earlier posts, the affected definition is 13102.
adw 0 Posted February 29, 2016 Posted February 29, 2016 Same problems here, loads of my business customers are affected by this! Does anyone know if ESET are doing anything about it, or if there have been any announcements from them? This also raises questions about how thoroughly ESET updates are tested before they are released!
akifumi.tanabe 0 Posted February 29, 2016 Posted February 29, 2016 I confirmed that this problem has been fixed at virus definition database version 13103 (20160229).
Urix 0 Posted February 29, 2016 Posted February 29, 2016 Same here. Livejournal comments does not load, Tumblr blogs does not load.
Ken7878 0 Posted February 29, 2016 Posted February 29, 2016 The problem is now fixed with by virus signature db version 13103.
Administrators Marcos 5,453 Posted February 29, 2016 Administrators Posted February 29, 2016 A virus signature database update 13103 which addresses the false positive has been released. For more information, please refer to https://forum.eset.com/topic/7577-jsscrinjectb-and-htmlrefreshbc-false-positive/. Also we would like to assure you than the problem pertained only to web browsing and no files on disks were affected. We apologize for the inconvenience.
gfburke 0 Posted February 29, 2016 Posted February 29, 2016 Client had the same with chrome/hotmail. Even after updating with the fix, same thing. Even after removing eset and restarting, same thing. Had to go into chrome (cccleaner didn't do it), and delete history/catch/cookies. THEN, it worked. just fyi if Chrome is hanging on to an error. Probably local special issue though. Jamie.
Administrators Marcos 5,453 Posted February 29, 2016 Administrators Posted February 29, 2016 The false positives occurred only with web protection, ie. when a specific java script file was actually downloaded and scanned. These detection may occur also with newer versions as they've been in place for month or years already. If you are unsure if the detection is ok or FP, submit it to samples[at]eset.com in an archive protected with the password "infected".
Recommended Posts