Jump to content

HTML/ScrInject.B trojan


abolfazl
 Share

Recommended Posts

Hello good time
Over the past few days, a large number of site users have reported to us that some of the site's pages will not open and will be blocked by NOD32 antivirus.

The site is completely secure and there is no problem and they see the following:

HTML/ScrInject.B trojan

Blocked address (example):

hxxp:// king2net.com/11016/clash-of-clans-mod-android/

 
How can I fix this problem?

NOD32.jpg.0bf141eb4f22673dfc0255a4a54d4fda.jpg

Link to comment
Share on other sites

  • Administrators

First of all, this forum does not serve as a channel for reporting false positives or negatives nor for disputing detections. For instructions, refer to https://support.eset.com/kb141/.

It appears to be a different website that was blocked due to malware that it has been serving.

Link to comment
Share on other sites

16 hours ago, Marcos said:

First of all, this forum does not serve as a channel for reporting false positives or negatives nor for disputing detections. For instructions, refer to https://support.eset.com/kb141/.

It appears to be a different website that was blocked due to malware that it has been serving.

Thank you for solving my problem
Link to comment
Share on other sites

  • 1 month later...

We are seeing many alerts today!  Please don't make us have to submit every stinking URL!  Look into what the issue is.  I have had other AV sites scan them and they were all clean.

Link to comment
Share on other sites

  • Administrators
1 minute ago, wsand70 said:

We are seeing many alerts today!  Please don't make us have to submit every stinking URL!  Look into what the issue is.  I have had other AV sites scan them and they were all clean.

Please see my response above.

Link to comment
Share on other sites

  • Administrators
18 minutes ago, DanielGrigori said:

This is another false alert. There is nothing wrong with this site. Please solve the problem. The site is hosted on the blogger platform.

This was likely resolved almost 2 hours before you had posted. Please check it out again.

Link to comment
Share on other sites

46 minutes ago, Marcos said:

Please see my response above.

Thank you Marcos.  It appears these are malicious, not false positives.  Thanks for looking into my list via email.  For others reading this, it was cryptocurrency miner scripts.  We have seen other detections labeled as such.  This would be good to define this one as crypto miner script?

Link to comment
Share on other sites

  • Administrators
2 minutes ago, DanielGrigori said:

checked right now. the same result. see the clock in my screnshoot

No problems here. It could be that you have LiveGrid disabled or it doesn't work properly. Is CloudCar detected as "Suspicious object" upon download?

Link to comment
Share on other sites

7 minutes ago, Marcos said:

No problems here. It could be that you have LiveGrid disabled or it doesn't work properly. Is CloudCar detected as "Suspicious object" upon download?

CloudCar is not detected as "Suspicious object" after download. LiveGrid is enabled. WebSite still blocked.

Screenshot (22).png

Link to comment
Share on other sites

  • Administrators
3 minutes ago, DanielGrigori said:

CloudCar is not detected as "Suspicious object" after download. LiveGrid is enabled. WebSite still blocked.

That is the problem - LiveGrid isn't working for you for some reason so you'll need to wait for the next update to get this fixed. I'd recommend creating a new topic with this issue where we will assist you with further troubleshooting. Also according to the screen shot you are using EAV v8 which lacks several protection features supported by Windows 10. I'd strongly recommend upgrading to the latest v11.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...