Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
JS/Obfuscus.AACB!tr as false positive?
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: JS/Obfuscus.AACB!tr as false positive? (Read 2073 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33927
malware fighter
JS/Obfuscus.AACB!tr as false positive?
«
on:
September 24, 2011, 04:37:54 PM »
Hi forum friends,
Is there malcode here? - mdl_obfuscated iframe leads to exploit kit
via stat.php and hole.php (now both seem dead, see "about:blank" found there)
:
http://www.virustotal.com/url-scan/report.html?id=999a02ff9f4ea1bbc2fc5495622efb66-1316866575
(3 /16 (18.8%)
See:
http://www.virustotal.com/file-scan/report.html?id=61b1d7bea6e5a9b8fbe818cff5f31cf2579bf540d2d090100aa09818ec66abe3-1316873778
Found benign:
http://wepawet.iseclab.org/view.php?hash=999a02ff9f4ea1bbc2fc5495622efb66&t=1316874094&type=js
maybe because of the "about:blank" there.
Vulnerability alert here:
http://urlquery.net/report.php?id=3490
and well - Oracle Java Web Start Plugin Command Line Argument Injection, CVE-2010-0886
polonus
«
Last Edit: September 24, 2011, 04:45:54 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
JS/Obfuscus.AACB!tr as false positive?