detection is correct..
https://www.virustotal.com/file/fd0f6e66cc6458406ecd467870a4aaee69888024a2c53a8ed27a188492fb384d/analysis/1339844821/there is a suspicious type of redirection or miscripted thingy in HTML format to some sort of parked site...see screenshot..also its hosting the ga.js thingy from google...if u use the search function in the forum...u can find some ga.js baddies..if site is accessed...it tries to load some content from third party google stuff and also from hxtp://www.safesurf-check.com/gate.php
which is correctly blocked by network shield....We are being protected!
also there is typo sqatting domain with same URL and it is disboard.com...so be careful before u type URL address in
wxw.disboards.com/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=384 benign
[nothing detected] (script) wxw.disboards.com/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=384
status: (referer=wxw.disboards.com/)saved 36628 bytes 5549ff428576843dcbb70b9986e77dfbec09853a
info: [decodingLevel=0] found JavaScript
error: undefined function O.addEventListener
error: undefined variable O
suspicious: maxruntime exceeded 10 seconds (incomplete) 0 bytes
info: Decoding option navigator.systemLanguage=en and navigator.systemLanguage=zh-cn and browser=IE7/XP and browser=IE8/Vista, 271 bytes
info: Decoding option browser=Opera and browser=Firefox, 0 bytes
file: 5549ff428576843dcbb70b9986e77dfbec09853a: 36628 bytes
file: 07bd65a8feb00a90b39a7fcbb4cd33975af352d9: 37177 bytes
file: af2f5b73dcc4d5b0277f91e2c21dfde034e5cbd1: 271 bytes
ON safe-surf.com site here is a suspicious thingy found:
var _0x3bb1=["\x68\x61\x73\x68","\x6C\x6F\x63\x61\x74\x69\x6F\x6E","\x68\x72\x65\x66","\x23","\x72\x65\x70\x6C\x61\x63\x65","\x69\x6E\x69\x74"];SecBanner={init:function (){if(window[_0x3bb1[1]][_0x3bb1[0]]){} else {location[_0x3bb1[4]](document[_0x3bb1[1]][_0x3bb1[2]]+_0x3bb1[3]);} ;} };SecBanner[_0x3bb1[5]]()
If u were able to access the site even after avast blocking it...then u will need to clear your temp files as it may have dropped the malicious rediector in your temp