This repository has been archived by the owner on May 18, 2024. It is now read-only.
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
-
I'm using Jackett with plex_debrid and for the most part it works fine. However, I get this warning notification continuously every minute or two.
eset NOD32 AntiVirus notification
"Threat removed
A threat (HTML/ScrInject.B) was found when JackettConsole tried to access a website (127.001:8191).
The access has been blocked"
eset NOD32 AntiVirus Log
"Time: 9/27/2023 5:20:13 PM
Scanner: HTTP filter
Object type: file
Object: http://127.0.0.1:8191/v1
Detection: HTML/ScrInject.B trojan
Action: connection terminated
User: NT AUTHORITY\SYSTEM
Information: Event occurred during an attempt to access the web by the application: C:\ProgramData\Jackett\JackettConsole.exe (052D5A7AAA9CFBC845DE853D94DE66C65335A409)
Hash: 68A6DEDDABF240FFC9D4E23A45E99A278A5F4BD5"
I can't tell from the notifications if it's telling me that JackettConsole is a problem, or if it has detected a script on one of the index sites. If it is one of the index sites, I don't know how to figure out which one it could be.
Here's my indexers:
1337x
ExtraTorrent.st
EZTV
iDope
Internet Archive
Isohunt2
kickasstorrents.ws
Knaben
LimeTorrents
LimeTorrents
Nyaa.si
The Pirate Bay
Torrent
TorrentDownload
TorrentGalaxy
Torrenting
Torrentz2eu
YTS Public
I had kickasstorrents.to as well, but as part of my troubleshooting I clicked through to each indexer site from the Jackett page and that site gave me:
kickasstorrents.to
Threat found
This web page may contain dangerous content that can provide remote access to an infected device, leak sensitive data from the device or harm the targeted device.
Threat: HTML/ScrInject.B trojan
Access to the web page has been blocked. Your computer is safe.
So I deleted kickasstorrents.to from my indexers. However the notifications continue even after several reboots.
When I look in the Jackett log I'm getting a lot of
"Error: Jackett.Common.IndexerException: Exception (extratorrent-st): A task was canceled."
but that error is a timeout. I thought that perhaps that site is a source of the threat but I deleted it from the index and the threat notice still shows up. The error in the log does clear.
I know I can add an exception in NOD32 but I'm afraid to do that if it opens a door for a nasty script.
Anyone run into a situation like this, or have hints on how to troubleshoot? Thanks.
Using HTTP Client: HttpWebClient2
Using FlareSolverr: http://127.0.0.1:8191
Using proxy: Disabled
App config/log directory: C:\ProgramData\Jackett
ThreadPool MaxThreads: 1023 workerThreads, 1000 completionPortThreads
Running in Docker: No
Jackett variant: CoreWindows
OS version: Microsoft Windows NT 10.0.19045.0 (64bit OS)
Environment version: 6.0.22 (C:\ProgramData\Jackett)
Starting Jackett v0.21.919
Beta Was this translation helpful? Give feedback.
All reactions