HTML/ScrInject.B trojan

[abolfazl 0]

Hello good time
Over the past few days, a large number of site users have reported to us that some of the site's pages will not open and will be blocked by NOD32 antivirus.

The site is completely secure and there is no problem and they see the following:

HTML/ScrInject.B trojan

Blocked address (example):

hxxp:// king2net.com/11016/clash-of-clans-mod-android/

 

How can I fix this problem?

[Marcos 5,070]

First of all, this forum does not serve as a channel for reporting false positives or negatives nor for disputing detections. For instructions, refer to https://support.eset.com/kb141/.

It appears to be a different website that was blocked due to malware that it has been serving.

[abolfazl 0]

16 hours ago, Marcos said:

First of all, this forum does not serve as a channel for reporting false positives or negatives nor for disputing detections. For instructions, refer to https://support.eset.com/kb141/.

It appears to be a different website that was blocked due to malware that it has been serving.

Thank you for solving my problem

[Gentiee 0]

i submitted a request and it was resolved in seconds 

Edited January 12, 2018 by Gentiee
it was resolved

[wsand70 0]

We are seeing many alerts today!  Please don't make us have to submit every stinking URL!  Look into what the issue is.  I have had other AV sites scan them and they were all clean.

[Marcos 5,070]

1 minute ago, wsand70 said:

We are seeing many alerts today!  Please don't make us have to submit every stinking URL!  Look into what the issue is.  I have had other AV sites scan them and they were all clean.

Please see my response above.

[DanielGrigori 0]

This is another false alert. There is nothing wrong with this site. Please solve the problem. The site is hosted on the blogger platform.

[Marcos 5,070]

18 minutes ago, DanielGrigori said:

This is another false alert. There is nothing wrong with this site. Please solve the problem. The site is hosted on the blogger platform.

This was likely resolved almost 2 hours before you had posted. Please check it out again.

[DanielGrigori 0]

5 minutes ago, Marcos said:

This was likely resolved almost 2 hours before you had posted. Please check it out again.

checked right now. the same result. see the clock in my screnshoot

[wsand70 0]

46 minutes ago, Marcos said:

Please see my response above.

Thank you Marcos.  It appears these are malicious, not false positives.  Thanks for looking into my list via email.  For others reading this, it was cryptocurrency miner scripts.  We have seen other detections labeled as such.  This would be good to define this one as crypto miner script?

[Marcos 5,070]

2 minutes ago, DanielGrigori said:

checked right now. the same result. see the clock in my screnshoot

No problems here. It could be that you have LiveGrid disabled or it doesn't work properly. Is CloudCar detected as "Suspicious object" upon download?

[DanielGrigori 0]

7 minutes ago, Marcos said:

No problems here. It could be that you have LiveGrid disabled or it doesn't work properly. Is CloudCar detected as "Suspicious object" upon download?

CloudCar is not detected as "Suspicious object" after download. LiveGrid is enabled. WebSite still blocked.

[Marcos 5,070]

3 minutes ago, DanielGrigori said:

CloudCar is not detected as "Suspicious object" after download. LiveGrid is enabled. WebSite still blocked.

That is the problem - LiveGrid isn't working for you for some reason so you'll need to wait for the next update to get this fixed. I'd recommend creating a new topic with this issue where we will assist you with further troubleshooting. Also according to the screen shot you are using EAV v8 which lacks several protection features supported by Windows 10. I'd strongly recommend upgrading to the latest v11.