Gigarank - ScrInject.B trojan - Eset Smart Security

Status
Not open for further replies.

fyzz08

New member
ScrInject.B trojan;deleted;ASUS-Z77\fyzz08;Event occurred on a new file created by the application: C:\Program Files (x86)\Mozilla Firefox\firefox.exe (0A304B28F59F141C37AF17D84BF8BA3C8E5FDD06).;EC72B37948F8153F5D96DDC3FAC90A12798E9A5B

I will be back in a couple of weeks to check the status of this thread. If you fix it before, please send me a PM - maybe I`ll get an announcement on email too.
 

Genesis

Administrator
Staff member
I've just checked Spamhaus, the authority on compromised Websites and there is no report. Our IP is not blacklisted by Spamhaus, nor Google. I also checked with blacklist.org. Same result.

Un4saken runs a daily script for screening our server for any infections. It would be very difficult for anything to get through that un4 doesn't know about.
 

Genesis

Administrator
Staff member
fouadChk said:
If no one else isn't reporting anything else, that should be an ESET products issue reporting false positives.
Great observation and agreed!
 

admin

Administrator
Staff member
Could you provide me with the exact url location your security alerted you? I will do some scanning myself just to be on the safe side.

Thanks..
 

GigaGreg

Moderator
Staff member
On the other hand using Anti virus such as ESET Nod32 is very bad as this antivitus is not very good, those softwares will flag everything that is suspicious to their database, which might be old or not updated.

I believe that Gigarank and other similar web hostings are makisng sure that no such as threats are visible and if so, they are deleted straight away after they come visible on the scanner.
 

Genesis

Administrator
Staff member
Meet Gigarank's own secret weapon - tech admin genius - Sir un4saken.

NEVER fear when un4saken is at the gateway. He has a good nose and years of experience with hosting servers to be able to distinguish between what is real and what is a false positive.

:drinks: :drinks: :drinks:​
 
That AV sucks. No one should ever use it. They have been having the issue since Feb. But, there has not been a real virus written in a very long time. So I would just get rid of the AV and surf without it like I do.
 

fyzz08

New member
Leaving the AV sucks apart and surf without an AV which if you were on my forum, you would have got an advertisment, can the higher staff contact ESET on their forums to ask for information about why they blocked the domain, and eventually remove it from blacklist?
 

Genesis

Administrator
Staff member
fyzz08 said:
Leaving the AV sucks apart and surf without an AV which if you were on my forum, you would have got an advertisment, can the higher staff contact ESET on their forums to ask for information about why they blocked the domain, and eventually remove it from blacklist?

@"fyzz08"

If you check an earlier post, the owner of Gigarank, DJB, had already done his investigation and found it to be a false positive. If you had done a similar search you'd have found the same result.

Check eset's discussion forum:
https://forum.eset.com/topic/7567-jsscrinjectb-and-htmlrefreshbc-false-positive/

and

https://forum.eset.com/topic/7550-wrong-detection-website-infection-jsscrinjectb/

When last did you update your anti-virus?
 

fyzz08

New member
Now, I am using latest version and I have the latest updates - same problem.

Partially problem fixed - can be closed - IP added to exclusions

Thank you for your patience @Genesis
 

dmull

New member
Genesis said:
fouadChk said:
If no one else isn't reporting anything else, that should be an ESET products issue reporting false positives.
Great observation and agreed!

I run Eset at work and never once have had this issue. Site loads perfect everytime. Only minor problems that I do have is that from time to time it does run kind of slow.
 

Genesis

Administrator
Staff member
Thanks for the valuable feedback dmull. As per request from owner of thread am closing it for now.
 
Status
Not open for further replies.