HTML:Script-inf

[ejlegg]

Avast is now blocking my Cruise Critic webpage.  It is saying that it is infected with HTML:Script-inf.  Is that a legitimate block or is this a false positve?  Does anyone know?  I submitted a false positive report to Avast.

Looking forward to hearing - and thanks.

ejlegg

[polonus]

Hi ejeg,

What is the site's url, post like htxp or wxw?

polonus

[DavidR]

Another topic on this, http://forum.avast.com/index.php?topic=99873.0.

[samsung1]

I'm having the same issue and its driving me nuts. What is the solution?

[DavidR]

Hard to say there are at least two suspect scripts on the page, which don't follow the same sort of layout as the others. So there is a possibility that one or both of these has been injected into the page and attempts to connect to a malicious site..

[samsung1]

So this could be legit that we are being blocked out of this site? Are people with other virus protections being blocked? Its just so odd.

[DavidR]

When I see a single line of a script tag, which is attempting to run a an active page on a remote site (not the one you are on), I get very suspicious. So there is a possibility that the page may have been hacked.

[samsung1]

Ok thanks I'm not computer savvy enough to see that when I try to log on but that makes sense. Typically how long does the website take to figure this out and fix it? Also a technical question, some could of "hacked" the website, what does that mean and what do they intend to do when they do that? Is it just to be a pain in the neck or something worse? Just some curious questions.

[polonus]

Re: http://forum.avast.com/index.php?topic=99881.msg797130#msg797130

polonus

[ejlegg]

First of all, thanks for getting back.  I am however not getting a solution as yet. To answer one of the first questions, the URL is hxxp://boards.cruisecritic.com.  I have emailed the webmaster of that site but have not heard back as yet.  I continue to have the problem today.  Avast is only blocking that one webpage. 

One of the workarounds is to disable the webshield.  However only do that if you think that it is a false positive.

Ted Legg

[ejlegg]

Another topic on this, http://forum.avast.com/index.php?topic=99873.0.

Thanks.  Ted Legg

[samsung1]

There's got to be a solution here, this is ridiculous. Its going on 2 days now, and this is getting really annoying. I emailed the webmaster too and have not gotten a response either.

[true indian]

reply from virus analyst milos...detection correct:
http://forum.avast.com/index.php?topic=99881.msg797130#msg797130

[DavidR]

First of all, thanks for getting back.  I am however not getting a solution as yet. To answer one of the first questions, the URL is hXXp://boards.cruisecritic.com.  I have emailed the webmaster of that site but have not heard back as yet.  I continue to have the problem today.  Avast is only blocking that one webpage. 

One of the workarounds is to disable the webshield.  However only do that if you think that it is a false positive.

Ted Legg

Please 'modify' your post change the URL from http to hXXp (as I have done in the quote above), to break the link and avoid accidental exposure to suspect sites, thanks.

Disabling the web shield is not a workaround shooting the messenger isn't advisable, given as this detection has been confirmed by one of the avast virus labs team.

Hello,
there is blocked script tag, which leads to "phpinclude-bin.com".

Milos

[ejlegg]

Thanks.  URL modified as suggested - again, with thanks.  Also, saw that comment from Milos somewhere else.  Hope he gets it fixed soon.  Many Cruise Critic-ers were in the middle of putting tours together and would like to continue to do so.

Ted Legg