Blacklist servscrpt.de

Graham,
I know it might not be what you're entirely looking for, but, at least for now, you could edit the hosts file present at the path "C:\Windows\System32\drivers\etc" and block the address from being sucessfully opened. Remember you'll have to run the text editor (notepad, why not?) as an administrator and open the file through the own notepad prompt (ctrl + 0). After this, go to the last line and create a new one with "127.0.0.1" (which is the localhost used for loopbacks; learn more here (https://en.wikipedia.org/wiki/Localhost)) plus the address targeted. You also should preferably press the "tab" key to separate a parameter from each other.
It seems this threat comes from some kind of action triggered by Crosspilot. Discussions are being proposed across other forums too, I see.  
Hope this helps!

Hello Graham.
We'd be glad to help.
Could you click 'See details', on the threat detection pop up and share a screenshot ( https://bit.ly/3bfwDpw ) of it?
Do you receive this on all searches or upon visiting particular website?

Like many reporting on here this pop up comes up on Google when I search for things. I do not use any other browsers. Can be many different websites but interestingly as an American Express Credit card user I am often taken to the German Amex site and struggle to reach the UK site sometimes. This has been occurring for several months and I have worked around it but now this pop up from AVG has started notifying me of the servscrpt.de issue and as it is .de I presume it is an issue  / attack generated from Germany or at least purporting to be from Germany but I guess with a VPN it could be coming from anywhere. It seems that restarting the browser, updating AVG, restarting the PC etc does not work for anyone as it keeps coming back so I guess AVG have no idea what is causing this or the other similar issues reported by others. Could it be a Google extension issue or a piece of code buried deep inside an update? Lets hope your experts work this one out soon. search for www.Runnersneed.com

Graham,
I know it might not be what you're entirely looking for, but, at least for now, you could edit the hosts file present at the path "C:\Windows\System32\drivers\etc" and block the address from being sucessfully opened. Remember you'll have to run the text editor (notepad, why not?) as an administrator and open the file through the own notepad prompt (ctrl + 0). After this, go to the last line and create a new one with "127.0.0.1" (which is the localhost used for loopbacks; learn more here (https://en.wikipedia.org/wiki/Localhost)) plus the address targeted. You also should preferably press the "tab" key to separate a parameter from each other.
It seems this threat comes from some kind of action triggered by Crosspilot. Discussions are being proposed across other forums too, I see.  
Hope this helps!

Hello Graham.
We'd be glad to help.
Could you click 'See details', on the threat detection pop up and share a screenshot ( https://bit.ly/3bfwDpw ) of it?
Do you receive this on all searches or upon visiting particular website?