Jump to content

1st part of site is fine, 2nd part apparently has HTML/ScrInject.B trojan?


Recommended Posts

URL shortener site in question: https://tokenfly.pw/medhQB

1st part of site with an "enter the words" CAPTCHA is fine according to NOD32, but after entering the CAPTCHA and the page refreshes (the URL is exactly the same) NOD32 blocks it.

anybody have a virtual machine or a sandbox to determine if there's a false positive in the 2nd part of the site or if it's safe to go through anyway?

thanks in advance.

Link to comment
Share on other sites

  • Administrators

It appears that a lot of ads pop up on the site and the ads urls are blocked. I don't think a normal page should contain more ads than necessary. It's definitely not a behavior desired by users.

image.png

Link to comment
Share on other sites

1 minute ago, Marcos said:

It appears that a lot of ads pop up on the site and the ads urls are blocked. I don't think a normal page should contain more ads than necessary. It's definitely not a behavior desired by users.
 

sorry for that, these URL shortening sites are riddled with those since that's how they make money apparently.

uBlock Origin takes care of 99% of the ads if you have it installed.ss.thumb.png.6026e4a16847985fef2e365fcfef8450.png

but the problem is after entering the CAPTCHA I get the "HTML/ScrInject.B trojan blocked" screen.

I need to get through this blocked screen and I'm wondering if there actually is a trojan on this page or if it's a false positive and I can pause NOD32 protection with uBlock Origin still doing work.

Link to comment
Share on other sites

On 3/22/2019 at 5:18 AM, Marcos said:

I'll look into it, however, I'm afraid that without unblocking the aggressive ad domains it won't be possible.

any updates? is the page after entering the CAPTCHA safe to traverse through?

Link to comment
Share on other sites

  • Most Valued Members
3 hours ago, confusedbloke said:

any updates? is the page after entering the CAPTCHA safe to traverse through?

CAPTCHA's job is to make sure they separate Human visitor from a Bot visitor , it doesn't protect you against malicious contents.

Link to comment
Share on other sites

On ‎3‎/‎22‎/‎2019 at 8:13 AM, confusedbloke said:

but the problem is after entering the CAPTCHA I get the "HTML/ScrInject.B trojan blocked" screen.

It appears to me Eset is detecting something on the captcha web page and blocking it. My experience with such an occurrence is there might be other malware attempting to be served up from such a web page. So proceeding to enter data, etc. on that web page is done at your own peril.

What you can try is suspending uBlock for that web page and observing what Eset detects on the web page.

Link to comment
Share on other sites

2 hours ago, Rami said:

CAPTCHA's job is to make sure they separate Human visitor from a Bot visitor , it doesn't protect you against malicious contents.

never thought it did, I know what CAPTCHA is. my issue is with the page revealed after completing the CAPTCHA.

Link to comment
Share on other sites

2 hours ago, itman said:

It appears to me Eset is detecting something on the captcha web page and blocking it. My experience with such an occurrence is there might be other malware attempting to be served up from such a web page. So proceeding to enter data, etc. on that web page is done at your own peril.

What you can try is suspending uBlock for that web page and observing what Eset detects on the web page.

 

1 hour ago, Marcos said:

We'll keep the address blocked. If you want to allow access at your own risk, you can add the blocked address to the list of allowed addresses:

image.png

guess I'll leave that site alone then. thanks for your replies and advice, appreciate it.

Link to comment
Share on other sites

  • Most Valued Members
15 minutes ago, confusedbloke said:

never thought it did, I know what CAPTCHA is. my issue is with the page revealed after completing the CAPTCHA.

Then your problem is with the website after you have been verified as human and taken to the next page and then you get that address is blocked or somekind of detection , then the malicious content is within the page you are visiting , CAPTCHA has nothing to do with it. with or without it you are going to get the same thing.

Link to comment
Share on other sites

1 hour ago, Rami said:

Then your problem is with the website after you have been verified as human and taken to the next page and then you get that address is blocked or somekind of detection , then the malicious content is within the page you are visiting , CAPTCHA has nothing to do with it. with or without it you are going to get the same thing.

yes, this has all been established in the earlier posts, thanks for repeating it.

Link to comment
Share on other sites

  • Most Valued Members
38 minutes ago, confusedbloke said:

yes, this has all been established in the earlier posts, thanks for repeating it.

No I am not repeating what have been said before in earlier posts , I thought you had a trouble understanding the CAPTCHA and how actually it works , so I tried to describe it to you with my words , all I tried to do is help , it seems that I was no help , it's fine , don't go mad over it ;)

Link to comment
Share on other sites

14 minutes ago, Rami said:

No I am not repeating what have been said before in earlier posts , I thought you had a trouble understanding the CAPTCHA and how actually it works , so I tried to describe it to you with my words , all I tried to do is help , it seems that I was no help , it's fine , don't go mad over it ;)

haha, you're definitely repeating what's already been said and you need some ESL classes if that's what you think the CAPTCHA is the issue 🙂

keep trolling though, really shows how smart you are ;)

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...