Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Defence on December 27, 2009, 05:12:19 PM

Title: About avast home virus detected
Post by: Defence on December 27, 2009, 05:12:19 PM
Hi,

When I visit this web site, wXw.pckoruma.co.cc, avast says a virus has been detected. Is it true or a wrong alarm?
Title: Re: About avast home virus detected
Post by: baba booey on December 27, 2009, 05:46:01 PM
Is the link you posted correct? If so the link must be dead, I get nothing to open.
Title: Re: About avast home virus detected
Post by: Defence on December 27, 2009, 05:51:20 PM
Yes, the link is correct and works; I tried it now.
Title: Re: About avast home virus detected
Post by: DavidR on December 27, 2009, 05:54:42 PM
Please 'modify' your post and change the URL from http to hXXp or www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.

You don't say what the malware name was?
Or the full URL of the detection, as I have checked that link (which worked for me) and found nothing and no alert.
Title: Re: About avast home virus detected
Post by: baba booey on December 27, 2009, 07:10:28 PM
Re-checked the link and got no detection as well.
Title: Re: About avast home virus detected
Post by: Defence on December 28, 2009, 05:28:43 PM
"HTML:Script-inf" has been found in "hxxp://4sql.net/notify/1.php\{gzip}" file

"HTML:Script-inf" has been found in "hxxp://ifastnet.com/notify/1.php\{gzip}" file

These are the avast log records, but today I visited this web site again and avast did not detect anything.
Title: Re: About avast home virus detected
Post by: DavidR on December 28, 2009, 07:11:09 PM
So these are different from the original URL, so presumably the original URL is trying to connect to the 2 URLs you posted or this is different.

If it was script injection (what the malware name indicates) on the first site URL you gave, and they cleaned up the injected scripts, then there would be no attempt to run an off-site script.

Both the 4sql.net and ifastnet.com have a poor rep, so perhaps not strange that avast would alert.
http://www.mywot.com/en/scorecard/4sql.net
http://www.mywot.com/en/scorecard/ifastnet.com