ESET alerts on download sites

[funkyy]

Hopefully I'm posting this in the correct place (for a change!!). I've noticed in the last few weeks a gradual increase in the number of download pages that ESET is "detecting" HTML/ScrInject.B trojan.

This is happening on sites that I have visited frequently for years....suddenly most of them are displaying this red warning when you try to get past the captcha to view the download links (pages like KeepLinks for example). At first it was just the odd time, but the alerts have been ramped up until it's virtually impossible to reach the links...unless you want to disable your anti virus temporarily to do so.

I find it strange and suspicious that suddenly so many of these sites are "infected". It smells of fear tactics...scare people away from movie download sites. I wonder if "someone" has made a profitable deal with "someone" to employ this very effective anti piracy tactic? Has anyone else noticed this new "phenomena"?😀😀😀

[Carolus]

Yes, same effects, Grr !! 😆

[exodius]

Same for me, probably the site using script ads that contains malware.

I've issue like you, read here https://github.com/uBlockOrigin/uAssets/issues/5828

That site is my fav site for years, and suddenly blocked by eset. After report to uBO, that issue fixed. I test to open that site , now works without any red alert /blocked by eset.

[Kalju]

This site is absolutely clean, if You till today didn't know, then know from now, this site and servers belongs to Microsoft. 
If You have problem, then the problem is Eset itself. It's time to understand, that such a antivirs programs all are useless, they dont work. They are itself malware, made for making money only.
Currently doesn't exist absolutely any antivirus programs, that can today protect somebody or something. Doesn't exist, remember that.
All what are recommended everywhere, it is fake, false, etc info. Such a viruses what they are able detect, doesn't exist already 20 years.

If You really believe in it, then here one result, what have made the same protect providers, what are blocking You on Your pc.

Spoiler

 

 

 

[exodius]

53 minutes ago, Kalju said:

This site is absolutely clean, if You till today didn't know, then know from now, this site and servers belongs to Microsoft. 
If You have problem, then the problem is Eset itself. It's time to understand, that such a antivirs programs all are useless, they dont work. They are itself malware, made for making money only.
Currently doesn't exist absolutely any antivirus programs, that can today protect somebody or something. Doesn't exist, remember that.
All what are recommended everywhere, it is fake, false, etc info. Such a viruses what they are able detect, doesn't exist already 20 years.

If You really believe in it, then here one  is result, what have made the same protect providers, what are blocking You on Your pc.

 

I don't talk about github site. See github issue made by me!

[ashish1989]

Many download sites are blocked by eset, any suggestions how to unblock them

[zanderthunder]

7 hours ago, ashish1989 said:

Many download sites are blocked by eset, any suggestions how to unblock them

Very easy. Just follow this tutorial.

 

1. Open ESET, and open the Advanced Setup window by pressing F5 or accessing Setup → Advanced setup (located at bottom right of the program).

2. Click Web and Email → Web access protection.

3. Expand URL Address Management and then click Edit next to Address list.

4. Select List of addresses excluded from content scan and then click Edit.

5. Click Add in the Edit list window.

6. Type the website or domain you want to exclude in the Enter a mask that specifies a URL address field and click OK (for each website you add, be sure to either include "www." or a wildcard "*" symbol, as in "www.eset.com" or "*eset.com*" or *eset*).

7. When you are finished excluding websites, click OK to save your changes (allow UAC prompt) and exit the Advanced setup window.

 

If it doesn't work, you need to further unblock the site by repeating step 4-6, with inserting these blocked addresses under List of allowed address also, so that forcing ESET to unblock these "blocked" websites.

 

The blocked websites will be unblocked once the settings are saved. Tested and verified.

 

p/s: The tutorial is derived from https://support.eset.com/kb2960/ , with some inputs from me as well.

 

p/s 2: This tutorial can only be done if you trust the website well (and you believe that it is a false detection), please double check the loading of the website on your PC/Laptop installed with other reputable antivirus such as Kaspersky.

[ashish1989]

Well I was not doing the step 4, will try it now and great explanation by the way

[zanderthunder]

2 minutes ago, ashish1989 said:

Well I was not doing the step 4, will try it now and great explanation by the way

The method that I mentioned, I use to unblock zippyshare websites and other sites. But should be working for other sites with false-positive detection as well.

 

If still can't understand, here's a little bit of video tutorial here (should be same for all releases and all versions even though the video uses version 10 of ESET product).

 

[ashish1989]

29 minutes ago, Edward Raja said:

The method that I mentioned, I use to unblock zippyshare websites and other sites. But should be working for other sites with false-positive detection as well.

 

If still can't understand, here's a little bit of video tutorial here (should be same for all releases and all versions even though the video uses version 10 of ESET product).

 

Just tested this method and works like charm

[zanderthunder]

Just now, ashish1989 said:

Just tested this method and works like charm

Glad to hear that.

 

By the way, while ESET is good but it does have problem with Web Protection, over-relying on website "blacklist" rather than script-checking verification process.

[ashish1989]

Just now, Edward Raja said:

Glad to hear that.

 

By the way, while ESET is good but it does have problem with Web Protection, over-relying on website "blacklist" rather than script-checking verification process.

One more thing, now the website is not blocked but whenever the site is opened eset pops up a message that a threat is found, delete or ignore

[zanderthunder]

5 minutes ago, ashish1989 said:

One more thing, now the website is not blocked but whenever the site is opened eset pops up a message that a threat is found, delete or ignore

delete it every time the pop-up comes out. still need to research on how to get rid of the scrinject detection message once and for all.

 

if possible, do this also:

Report a suspicious website or false positive website via email

Please create and send an email with the following information:

1. In the Subject line: If you are reporting a blocked website that may contain potentially dangerous content, include Domain whitelist followed by the blocked domain (such as, www.blockeddomain.com).
2. In the body of the email: Include the URL(s) being blocked or that you found suspicious.
   • Why you think it is a false positive report. Please provide as much information as possible about the source of the software, including the name of the developer, the name and version application.
   • If you are reporting a blocked website, please provide the complete URL that is blocked. Enclosing a screen shot of the notification about the blockage is recommended
3. Send the email to: [email protected].

If the issue is not resolved within three days and the matter is urgent, please send a follow-up email message with the following information:

• Subject line of email that was sent to [email protected].
• Date and time of email.
• Email address you sent it From.