
Sign In Page Launches Virus!

When I go to https://signin.ebay.com/ on my Google Chrome browser, I immediately get a warning from my virus protection that Script.Exploit.Kit.D@gen (Engine B) is trying to access an infected file. Firefox works fine. I delete the virus from the Chrome cache folder, but every time I go to the login page, it comes back. What's up with this eBay??

Message 1 of 8

@m1garand3006  Get safely to your My eBay page then add it to your Favorites list ... I don't use the sign in page as I stay signed in then just click on the favorites My eBay page and no issues ... works on both I.E. and Firefox.

Regards,
Mr. Lincoln - Community Mentor
Message 2 of 8

 
Message 3 of 8

I clear cookies when I close my browser, so staying logged in is not an option. eBay needs to fix this.
Message 4 of 8

@m1garand3006


@m1garand3006 wrote:
I clear cookies when I close my browser, so staying logged in is not an option. eBay needs to fix this.

LOL!  One of many things that needs "fixin"!

Regards,
Mr. Lincoln - Community Mentor
Message 5 of 8

It is most likely a false detection of an eBay obfuscated JavaScript file used on the login page by one of the second or third tier AV suites. GData?

See here:
https://community.ebay.com/t5/Technical-Issues/EBAY-SIGNIN-SCREEN-CAUSING-NORTON-ANTIVIRUS-TO-BLOCK-...

https://community.ebay.com/t5/Selling/Are-AVG-Users-getting-notice-of-REDIRECTOR-BKG-Trojan-Virus-Fr...
Message 6 of 8

Not a false detection. I verified a virus in the Google Chrome cache folder and deleted it. It comes back if I go back to the login page.

Message 7 of 8

Unless you checked that file (rriframe.flat.min.js?) in your Chrome cache folder with multiple other AV programs or at VirusTotal or elsewhere, and didn't just believe the false detect by your AV, your method is flawed.

2 out of 58 engines at VirusTotal currently flag it, they are different AV engines than the ones that flagged it last week, and the detections are typical generic detections.


If by verified, you mean you deobfuscated and reverse engineered the file yourself, and can show me the malicious code, then I'm all ears.

It also sounds like you read none of the info in the links to the other similar threads that explains about the file (or files) that trigger the false detections.

If you had read what I referenced, you would understand that eBay is using some heavily obfuscated JavaScript files on the login page for anti-bot detections, those files are downloaded to your browser cache same as any website HTML, script, image, etc files, and at various times recently, a handful of AV suites (Avast, AVG, Norton, and now whatever you are using) cried wolf likely because of the obfuscated nature of the files alone (the flawed assumption that only bad guys obfuscate scripts).

Of course it comes back when you visit the eBay login page. It is one of eBay's files used in the login process.


I just checked, and eBay again hasn't changed a single byte in that file (rriframe.flat.min.js), so it appears that the AVs that were crying foul pushed out updates and no longer detect it as malware - which makes the original detections false detections by definition.


(If your AV is detecting it at the request stage and alerting on it, I'm not sure how it is being allowed to download, since most I'm familiar with that operate realtime block the download on detection).


Millions of other eBay users aren't seeing the same thing (most of whom would be running AV, and whose various AV suites would also be alerting if there was a real threat and not a generic detection that is a false positive), based on the lack of general outcry or more than a handful of posts here, and on the internet for your specific detection (Script.Exploit.Kit.D@gen) a ton of FUD by low reputation removal sites wanting to sell "fixes". Not a single "legitimate" security outfit actually confirming a problem.

Additionally, detection of a single script file, is not the same thing as an actual full blown malware infection with executable files, registry changes, browser changes, etc.


Come back when you have any proof other than "My AV said generic malware", because 99 times out of 100 it turns out that the AV makers screwed up, and had the generic pattern detection routines turned up to 11.
Message 8 of 8
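The triage reasoning in the last reply (identical bytes, a small and shifting set of engines, generic signature names), written out as an added example that is not part of the thread and not eBay's or any AV vendor's code. The script bytes, engine names, marker list and 10% threshold are constructed assumptions; the 2-of-58 ratio and the Script.Exploit.Kit.D@gen name come from the posts.

```python
import hashlib

# Assumed markers of heuristic/generic signature names; not an exhaustive list.
GENERIC_MARKERS = ("@gen", "generic", "heur")

def sha256_bytes(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def triage(scans, max_ratio=0.1):
    """scans: oldest-first dicts with sha256, total_engines, detections {engine: name}."""
    hits = [set(s["detections"]) for s in scans]
    same_bytes = len({s["sha256"] for s in scans}) == 1
    findings = {
        "file unchanged between scans": same_bytes,
        "verdicts changed on identical bytes":
            same_bytes and any(a != b for a, b in zip(hits, hits[1:])),
        "only a small share of engines flag it":
            all(len(h) / s["total_engines"] <= max_ratio for h, s in zip(hits, scans)),
        "only generic signature names": all(
            any(m in name.lower() for m in GENERIC_MARKERS)
            for s in scans for name in s["detections"].values()),
    }
    verdict = ("likely false positive" if all(findings.values())
               else "needs manual analysis")
    return verdict, findings

# Constructed stand-in for the cached script; engine names are placeholders.
CACHED_JS = b"var _0x1a2b=['\\x61\\x62'];(function(a){return a})(_0x1a2b);"
DIGEST = sha256_bytes(CACHED_JS)
SCANS = [
    {"date": "week 1", "sha256": DIGEST, "total_engines": 58,
     "detections": {"EngineA": "Script.Exploit.Kit.D@gen",
                    "EngineB": "JS.Generic.Obfuscated"}},
    {"date": "week 2", "sha256": DIGEST, "total_engines": 58,
     "detections": {"EngineC": "HEUR:Script.Generic",
                    "EngineD": "JS.Obfus.Gen@gen"}},
]

if __name__ == "__main__":
    verdict, findings = triage(SCANS)
    for check, ok in findings.items():
        print(f"{'PASS' if ok else 'FAIL'}  {check}")
    print("verdict:", verdict)
```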