ESET seems to find HTML/ScrInject.B.Gen on a number of pages recently

I'm currently browsing the web on OS X 10.6.8, using Opera 11.60 with Javascript on a whitelist basis, and running ESET 4.0.69.0. In the last month or two I've seen at least three warnings about HTML/ScrInject.B.Gen when browsing the web. I find this odd, because that's more than I even see with my PC. Usually the infection warning for HTML/ScrInject.B.Gen is about a temporary file in the Opera Cache. I delete it in all cases.

The last time, my curiosity got the better of me, and I submitted the URL to virus total, only to find that ESET was the only scanner to claim the HTML/ScrInject.B.Gen infection, or any infection at all. I'm a bit curious about this. When attempted to contact a webmaster about this, the only reply I got was "ESET is [Expletive Deleted], get a real virus scanner", and his insistence that this was a false positive.

My question is: What type of infection is HTML/ScrInject.B.Gen? Is this something that could leverage the OS X platform in a way I'm unaware of? Is it just triggered by the presence of a few lines in the HTML, like a javascript redirect? Is it possible that I have my settings for ESET set too aggressively? Thanks for any assistance.

 

It's a detection of sites known to host malware. If you think that certain website has been flagged in error, report it to ESET as per the instructions here.

 

Thanks, Marcos. Will do, in terms of reporting false positives.

For clarification, though, if I run Javascript on a whitelist and ESET caught this, is there any risk involved of the page spreading the malware? The name makes me think it's a Javascript injection type malware, but I can't find any more information on it anywhere. Also, the pages seem to still load despite ESET flagging the temporary cache files.

 

Check out this topic for more info: https://www.wilderssecurity.com/showthread.php?t=313169

 

I guess the site itself may be alright except that it probably loads an external script which is detected and blocked. Please email ESET as advised above and include the url that the alert is triggered on.