Author Topic: Trojan Horse Blocked=HTML IFrame  (Read 3761 times)

0 Members and 1 Guest are viewing this topic.

Shalimar

  • Guest
Trojan Horse Blocked=HTML IFrame
« on: June 11, 2010, 06:03:39 AM »
FYI...
About 45 minutes ago, I was searching "Tryit Editor" and from the search page, I clicked on a URL and my Avast 5.0 home edition alerted me, saying:
 Trojan Horse Blocked
  Infection: HTML IFrame - EP [Trj]

  (C programsx86MozillaFirefox...etc)
The URL I tried to connect to was aborted by Avast, and the URL is:
  hXXp//wXw.onlinesupportcentre.com/tickets/upload/media/resource636.htm

I went to the Unmask Parasites website and it showed:
 This page seems to be <suspicious>
 1 suspicious inline script found. 
 Google:  not currently listed as suspicious* 
The long suspicious script:
var e = "editor tryit";   function X(hu,p){if(!p){p='&I$u_+H]{8Qicj4oJ6-MUZt)|BVvLSrE@Fg,dOfe/p[7Alh....

I wanted to report it here to the Avast forum...for my two cents worth!

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37505
  • Not a avast user

Sartigan

  • Guest
Re: Trojan Horse Blocked=HTML IFrame
« Reply #2 on: June 11, 2010, 05:36:28 PM »
Web Of Trustâ„¢: Suspicious, see: http://www.mywot.com/en/scorecard/onlinesupportcentre.com

Offline polonus

  • Avast Ãœberevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Trojan Horse Blocked=HTML IFrame
« Reply #3 on: June 11, 2010, 11:18:29 PM »
Hi malware fighters,

Also read about the threat of iFrame banner ads: http://www.secureworks.com/research/threats/iframeads/

example: as.adwave*com - URL: Forbidden
classified as dangerous: http://hosts-file.net/?s=64.135.77.110
malicious content: http://www.mywot.com/en/scorecard/as.adwave.com

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!