JS/ScrInject.B Trojaner detected on suvbsites of biggest German news site focus.de

[User 13]

On all subsites of www.focus.de

JS/ScrInject.B Trojan is detected and sites are blocked.

Is this a false positive?

i.E.:

hxxp://www.focus.de/sport/fussball/nach-21-monaten-uli-hoeness-wurde-aus-haft-entlassen_id_5321285.html

hxxp://www.focus.de/finanzen/boerse/eine-frage-der-zeit-warum-der-oelpreis-nicht-nur-steigen-sondern-explodieren-wird_id_5318150.html

hxxp://www.focus.de/panorama/welt/kriminalitaet-internationaler-schlag-gegen-illegale-internet-plattformen_id_5321564.html

virus signature database: 13102P (20160229)

Edited February 29, 2016 by User

[HSW 9]

global problem, wrong detection from eset i think

 

same problem with "HTML/Refresh.BC" on different pages

[Frankdark 0]

My Servers gets lots of alarms of clients blocking random websites and ower one.

Checked websites with a Viruscan and nothing found.
 

[GNP67 1]

 

Today we also lots of these messages, JS/ScrInject.B  and HTML/Refresh.BC  

usualy we have 2 or 3 messages a week, now we got about 100 in a hour on very different sites ( even our own mailserver page )

[reliag 0]

A lot of our users are also receiving this message; sites like MSN as well as ad-free subscribed sites...

[rept30 0]

Yup, Getting the same message on amazon and crunchyroll website.

 

Also, HTML/Refresh.BC trojan on a few other major websites.

Edited February 29, 2016 by rept30

[khairulaizat92 9]

Yep, its also effected some major media website in Malaysia, and including my University web. This going to effect almost 50% of My university student as they used this antivirus too..huhuh

Edited February 29, 2016 by khairulaizat92

[SourPuss 0]

Yeah ive just got it on hxxp://www.crunchyroll.com.

 

A legal streaming site that ive got a paid subscription for.

 

This is nonsense

[A.Mannchen 0]

Yes, same here. I hope you'll fix it, soon!

[cav 0]

Please help, same here with one of the biggest sites in Poland - gazeta.pl, allegro.pl - JS/ScrInject.B.

[henry79802 0]

HTML/Refresh.BC

specially by searching with Google, a Little bit better with bing

[Barclay 0]

Yep, same here, its affecting loads of websites with the message JS/ScrInject.B trojan

[micha_1989 0]

Same Problem here on Amazon and ebay...and a lot of more sites...

Edited February 29, 2016 by micha_1989

[FancyPanda 0]

I think there's a problem with Eset...

I got message from web like
9gag
Twitch

and many trusted web that usually i visit...

[Ken7878 0]

Same here in UK. Got that on MSN homepage using IE and various other websites using Firefox. So far, I have two reported problems at our company, expecting more when it is lunch time!

[theCheek 0]

Getting this across all my users with Eset Smart Security installed across many different sites. What can we do to rectify? Is it just a case of waiting for definitions to be updated or something?

[Remulus 0]

Hundreds detections in my organization :/

 

Mainly:

HTML/Refresh.BC trojan

JS/ScrInject.B trojan

[RaDoe 0]

Same problem on amazon, ebay, heise.de and even internal Sites of our System (Intranet).

[CMS 8]

See this thread in Business Products forum https://forum.eset.com/topic/7550-wrong-detection-website-infection-jsscrinjectb/

[JHC 0]

Same exact problems, getting this on Amazon and Newegg. Some of the "show message" links from eset are resulting in same message.

[w.mayr@heson.com 0]

I get the same Messages after my Clients upgraded to virus signature database 13102.

Working with the Internet is now impossible so i rolled back the Virus database on each Client an now there are no more Problems so I think the Virus Signatur database is the Problem!

[danielw79 0]

Yep same here, getting flooded with false alerts, ESETS phone lines have been engaged all morning.

 

Seems to be Definitions 13102 mainly seems to be JS/ScrInject.B Trojan.

[Sim 0]

Yup - same problem running 13102 (in Nod32) ... I rolled back to a previous version and the problem went away. Another machine running 13100 is fine.

[vl_victoria 0]

Same with amazon.com  . Earlier this day I browsed through amazon without any problems. During the last hours, all amazon pages are flagged with this JS/ScrInject.B trojan and are closed down by eset. Hope ESET fixes that asap.

[Sam91 0]

I am getting this on Amazon (UK). Is there any cause for concern?