Avast WEBforum

Other => Viruses and worms => Topic started by: valeriverab on September 05, 2012, 05:14:28 PM

Title: only avast detects malicious on my website
Post by: valeriverab on September 05, 2012, 05:14:28 PM
Is it possible that this is a false positive malicious? My website is xww.integralhouse.com

Thank you very much for your time
Title: Re: only avast detects malicious on my website
Post by: Theo Peterbroers on September 05, 2012, 05:30:47 PM
Hi valeriverab,

I can access most pages in the list (Control de plagas domésticas..Venta de equipos) with no problem.
But got a warning on hXXp://www.integralhouse.com/quimica-integral/  File .../bk_dotted_thick.png |{gzip}

Can you test this file on virustotal (https://www.virustotal.com/) and let us know the results?

Best regards,

Title: Re: only avast detects malicious on my website
Post by: Asyn on September 05, 2012, 05:35:13 PM
-> http://sitecheck.sucuri.net/results/www.integralhouse.com/
-> http://zulu.zscaler.com/submission/show/60aa5262719ab55170bb32c068f4c5aa-1346859253
Title: Re: only avast detects malicious on my website
Post by: polonus on September 05, 2012, 05:35:50 PM
Hi

Break that link (hxtp or wXw) - Sorry for you but the site is given as really infected: http://sitecheck.sucuri.net/results/www.integralhouse.com/
See: http://labs.sucuri.net/db/malware/mwjs-include-rebots?v2

polonus
Title: Re: only avast detects malicious on my website
Post by: Theo Peterbroers on September 05, 2012, 06:04:18 PM
So, early infection first detected by avast.

Thanks Polonus, hXXp still not automatic.
Title: Re: only avast detects malicious on my website
Post by: polonus on September 05, 2012, 06:25:32 PM
Hi Kwartet!

Well, that is what we teach all new posters first: to break possibly suspicious and malicious links using hxtp or wXw; some use wWw or -www, and there are more ways to break a link. Often posters forget and the mods do the breaking on request...
The second main rule is to never give active code or parts of code on the forums; always present it in the form of an image. Also use a program to work on the image so identifiable data can be taken out. (I use PicPick combined with PhotoFiltre - free proggies) Normal code, or even parts of malcode without the active payload, could set off the alarm-bells at avast. Sometimes when I am scanning code with a fileviewer, avast will alert to it and break off the connection, sometimes even when code is being given via a webproxy or in malzilla or analyzed elsewhere...
And that is a good thing, because an ounce of prevention is worth ten kilos of cleansing after the fact of having connected to malcode...

polonus
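
The link-breaking rule described in the last post, as an added example that is not part of the original thread: a small Python check that finds links still live in a post, breaks them with the hXXp / wXw forms, and leaves already-broken forms (hxtp, wXw, wWw, -www) alone. The function names, the scanner allowlist and the `example.test` hosts are assumptions of this example.

```python
import re

# Live http(s) links and bare "www." hosts. Broken forms (hXXp://, hxtp://,
# wXw., wWw., -www.) do not match; trailing sentence punctuation is excluded.
LIVE_LINK = re.compile(
    r"(?<![\w/.-])(?:(?i:https?)://|www\.)[^\s<>()\"']+(?<![.,;:!?])"
)

# Scanner sites left clickable on purpose (constructed allowlist, an assumption).
TRUSTED_HOSTS = {"www.virustotal.com", "sitecheck.sucuri.net"}


def host_of(link):
    """Return the lowercase host part of a matched link."""
    rest = link.split("://", 1)[-1]
    return re.split(r"[/:?#]", rest, maxsplit=1)[0].lower()


def break_link(link):
    """Break one live link: http -> hXXp, bare www. -> wXw."""
    scheme, sep, rest = link.partition("://")
    if not sep:                       # bare "www." host, no scheme
        return "wXw." + link[4:]
    return "hXXp" + scheme[4:] + "://" + rest


def defang_post(text):
    """Return (text with live links broken, list of links that were live)."""
    found = []

    def repl(match):
        link = match.group(0)
        if host_of(link) in TRUSTED_HOSTS:
            return link               # scanner result links stay usable
        found.append(link)
        return break_link(link)

    return LIVE_LINK.sub(repl, text), found


# Constructed sample post; example.test is a reserved, non-routable name.
SAMPLE = ("Warning on http://www.example.test/page/ and www.example.test/a.png, "
          "already broken: hXXp://www.example.test/ wXw.example.test "
          "-www.example.test scan it at https://www.virustotal.com/")

if __name__ == "__main__":
    cleaned, live = defang_post(SAMPLE)
    print(cleaned)
    print("live links found:", live)
```

A moderator-side check can use the returned list to flag posts that still need breaking, and running the function twice leaves the text unchanged.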