Jump to content

Archived

This topic is now archived and is closed to further replies.

CMS

JS/ScrInject.B trojan HTML/Refresh.BC trojan

Recommended Posts

 

same with me, I think my computer is affected by Trojan

hxxp://prnt.sc/a9oew3

 

It should not be reported on popular sites with the signature database 13103 or newer.......

I guess it could happen if the website in question indeed is infected. :P

Popular sites may be popular - but not even the so called popular sites are immune...yet :D

Share this post


Link to post
Share on other sites

hi

my antivirus signature is 13107 and i have this problem .

what should i do?

Share this post


Link to post
Share on other sites

This issue has not gone away.  We are currently getting reports from these sites (within the past 3 days), and we are way beyond the recommended update.

 

     hxxp://king-county. gov contains HTML/Refresh.BC Trojan.

     hxxp://lowes .coom contains HTML/Refresh.BC Trojan.

     hxxp://sirius.c o pm contains HTML/Refresh.BC Trojan.   ​

    hxxp://www.burstbeac on.com/beacon/56091/0/rtbconversion/0 contains HTML/Refresh.BC Trojan. 

 

Is the some kind of mediation that can be preformed on the server.  ​

     ​

Share this post


Link to post
Share on other sites

This issue has not gone away.  We are currently getting reports from these sites (within the past 3 days), and we are way beyond the recommended update.

 

     hxxp://king-county. gov contains HTML/Refresh.BC Trojan.

     hxxp://lowes .coom contains HTML/Refresh.BC Trojan.

     hxxp://sirius.c o pm contains HTML/Refresh.BC Trojan.   ​

    hxxp://www.burstbeac on.com/beacon/56091/0/rtbconversion/0 contains HTML/Refresh.BC Trojan. 

 

Is the some kind of mediation that can be preformed on the server.  ​     ​

 

Most likely the detection is correct. Please provide me with logs collected by ESET Log Collector (hxxp://support.eset.com/kb3466/) and "Recently quarantined files" selected so that i can check the exact files that were detected on your computer.

Share this post


Link to post
Share on other sites
9 hours ago, Sierra said:

My company's website is being blocked under a "HTML/ScrInject.B!tr " warning. I've run all kind of antivirus and it seems to be a false positive.

Please understand that this forum does not serve as a means for reporting false positives or disputing detections or blocks. In this case the detection name is not uses and the alert seems to have come from Fortinet.

Share this post


Link to post
Share on other sites
11 hours ago, Sierra said:

This is the URL of our site :hxxp://www.new-world-trading.jp/

I can connect to the web site w/o issue.

Share this post


Link to post
Share on other sites
11 hours ago, itman said:

I can connect to the web site w/o issue.

Thank you.

Share this post


Link to post
Share on other sites
12 hours ago, Marcos said:

Please understand that this forum does not serve as a means for reporting false positives or disputing detections or blocks. In this case the detection name is not uses and the alert seems to have come from Fortinet.

I see now, I will look into that. Thanks so much for the input 

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...