Virus alerts from office.microsoft.com ?

Discussion in 'ESET NOD32 Antivirus' started by dsi-ap, Oct 28, 2011.

Thread Status:
Not open for further replies.
  1. dsi-ap

    dsi-ap Registered Member

    Joined:
    Jul 4, 2005
    Posts:
    118
    Location:
    UK
    Hi All

    We had a few machines on the network report alerts from office.microsoft.com.

    Using ESET NOD32 Antivirus v4.2.71.2 / signature 6583 ( 20111028 )

    Code:
    ESET NOD32 Antivirus: Threat alert
    
    28/10/2011 15:36:06 - Module HTTP filter - Threat Alert triggered on computer LAPTOP:  http://office.microsoft.com/client/helphome14.aspx?NS=EXCEL&VERSION=14&LCID=1033&SYSLCID=2057&UILCID=1033&AD=1&tl=2 contains HTML/ScrInject.B.Gen virus.
    28/10/2011 15:36:14 - Module HTTP filter - Threat Alert triggered on computer LAPTOP:  http://office.microsoft.com/client/searchresults14.aspx?NS=EXCEL&VERSION=14&LCID=1033&SYSLCID=2057&UILCID=1033&AD=1&tl=2&Query=developer&Scope=HP,HA,RZ,FX,XT,XP,VA,DC,EM,LX contains HTML/ScrInject.B.Gen virus.
    28/10/2011 15:36:16 - Module HTTP filter - Threat Alert triggered on computer LAPTOP:  http://office.microsoft.com/client/searchresults14.aspx?NS=EXCEL&VERSION=14&LCID=1033&SYSLCID=2057&UILCID=1033&AD=1&tl=2&Query=developer&Scope=HP,HA,RZ,FX,XT,XP,VA,DC,EM,LX contains HTML/ScrInject.B.Gen virus.
    28/10/2011 15:36:17 - Module HTTP filter - Threat Alert triggered on computer LAPTOP:  http://office.microsoft.com/client/helppreview14.aspx?AssetId=HA101819080&lcid=2057&NS=EXCEL&Version=14&tl=2&respos=0&CTT=1&queryid=73d0ffc7-01cd-43f9-88a1-9e4e61958e82 contains HTML/ScrInject.B.Gen virus.
    28/10/2011 15:36:28 - Module HTTP filter - Threat Alert triggered on computer LAPTOP:  http://office.microsoft.com/client/helppreview14.aspx?AssetId=HA101819080&lcid=2057&NS=EXCEL&Version=14&tl=2&respos=0&CTT=1&queryid=73d0ffc7-01cd-43f9-88a1-9e4e61958e82 contains HTML/ScrInject.B.Gen virus.
    28/10/2011 15:36:39 - Module HTTP filter - Threat Alert triggered on computer LAPTOP:  http://office.microsoft.com/client/helppreview14.aspx?AssetId=HA101819080&lcid=2057&NS=EXCEL&Version=14&tl=2&respos=0&CTT=1&queryid=73d0ffc7-01cd-43f9-88a1-9e4e61958e82 contains HTML/ScrInject.B.Gen virus.
    28/10/2011 15:36:39 - Module HTTP filter - Threat Alert triggered on computer LAPTOP:  http://office.microsoft.com/client/helppreview14.aspx?AssetId=HA101819080&lcid=2057&NS=EXCEL&Version=14&tl=2&respos=0&CTT=1&queryid=73d0ffc7-01cd-43f9-88a1-9e4e61958e82 contains HTML/ScrInject.B.Gen virus.
    28/10/2011 15:37:21 - Module Real-time file system protection - Threat Alert triggered on computer LAPTOP:  C:\USERS\user\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\VWWOP9LO\HELPHOME14[1].HTM contains HTML/ScrInject.B.Gen virus.
    28/10/2011 15:37:22 - Module Real-time file system protection - Threat Alert triggered on computer LAPTOP:  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VWWOP9LO\helphome14[2].htm contains HTML/ScrInject.B.Gen virus.
    28/10/2011 15:37:23 - Module Real-time file system protection - Threat Alert triggered on computer LAPTOP:  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZI03URIQ\helppreview14[1].htm contains HTML/ScrInject.B.Gen virus.
    28/10/2011 15:37:24 - Module Real-time file system protection - Threat Alert triggered on computer LAPTOP:  C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MAO6815\helppreview14[1].htm contains HTML/ScrInject.B.Gen virus.
    
    Is this a false positive?
     
  2. rcash

    rcash Registered Member

    Joined:
    Dec 5, 2007
    Posts:
    56
    I contacted Eset support and they confirmed it is a false positive and should have it fixed with the next update.
     
  3. techie007

    techie007 Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    125
    Location:
    Ontario, Canada
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,133
    Location:
    New England
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.