Jump to content

Archived

This topic is now archived and is closed to further replies.

HSW

Wrong detection website infection "JS/ScrInject.B"

Recommended Posts

We should be happy that it didn't nuke critical Windows files like some other AV vendors' false positive have done :-)

Share this post


Link to post
Share on other sites

Same problem with our website, glad I found this thread otherwise I might would have set a website backup back.

Share this post


Link to post
Share on other sites

We should be happy that it didn't nuke critical Windows files like some other AV vendors' false positive have done :-)

 

lol yeah, that would've not been a happy Monday!

Share this post


Link to post
Share on other sites

We have the same issue with Endpoint AV v. 6.2.2033.0 and virus signature database 13102.

 

Alerts mention the following threads:

JS/ScrInject.B trojan

HTML/Refresh.BC trojan

HTML/Phishing.Agent.B trojan

Share this post


Link to post
Share on other sites

yep we're even getting it on our own ticketsystems editor (ckeditor.js).

 
signature: 13102 (20160229)

Share this post


Link to post
Share on other sites

Issue seems to be related since signature update 13102

Very annoying

Share this post


Link to post
Share on other sites

So do you think this is a ESET prob?  Not handy that we cant do anything today.  Cant get onto bank site or anywhere for that matter, a real pain

Share this post


Link to post
Share on other sites

Would be nice to hear from someone at ESET. Should be part of a contingency to post on the forums in a situation like this...

Share this post


Link to post
Share on other sites

Same problem here...roll out an update eset :)

Share this post


Link to post
Share on other sites

Managed to get through to the helpdesk via direct email to one of their techs, his response follows:

 

 

It is being worked on, we are as you can imagine very busy.

 

The situation can be resolved if the user rolls back the signature updates.

 

The problem should be resolved soon with another update, the broken update has already been pulled so no further customers should get affected by it.

 

As stated by earlier posts, the affected definition is 13102.

Share this post


Link to post
Share on other sites

Same problems here, loads of my business customers are affected by this!  Does anyone know if ESET are doing anything about it, or if there have been any announcements from them?  This also raises questions about how thoroughly ESET updates are tested before they are released!

Share this post


Link to post
Share on other sites

Same here.

Livejournal comments does not load, Tumblr blogs does not load.

Share this post


Link to post
Share on other sites

The problem is now fixed with by virus signature db version 13103.

Share this post


Link to post
Share on other sites

A virus signature database update 13103 which addresses the false positive has been released. For more information, please refer to https://forum.eset.com/topic/7577-jsscrinjectb-and-htmlrefreshbc-false-positive/.

Also we would like to assure you than the problem pertained only to web browsing and no files on disks were affected.

We apologize for the inconvenience.

Share this post


Link to post
Share on other sites

Client had the same with chrome/hotmail.

Even after updating with the fix, same thing.  Even after removing eset and restarting, same thing.

Had to go into chrome (cccleaner didn't do it), and delete history/catch/cookies.  THEN, it worked.

just fyi if Chrome is hanging on to an error.  Probably local special issue though. 

Jamie. 

Share this post


Link to post
Share on other sites

The false positives occurred only with web protection, ie. when a specific java script file was actually downloaded and scanned. These detection may occur also with newer versions as they've been in place for month or years already. If you are unsure if the detection is ok or FP, submit it to samples[at]eset.com in an archive protected with the password "infected".

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...