Author Topic: False Positive URL:Mal (Read 17256 times)

pavelsaharuk125rus · « **Reply #15 on:** January 10, 2012, 06:39:43 AM »

My url http://foto.pro-digiworld.info/ avast is bloked. what is problem. Virus is not have on my site.
http://www.urlvoid.com/scan/foto.pro-digiworld.info - CLEAN

Pondus · « **Reply #16 on:** January 10, 2012, 06:49:41 AM »

First always start a new topic when you have problems
you find the blue "NEW TOPIC" button in top right corner here http://forum.avast.com/index.php?board=4.0

Quote

Virus is not have on my site.

Sucuri say - INFECTED (click screen shot to enlarge)

Info: Description:Encoded javascript using a packer by Dean Edwards
http://sucuri.net/malware/malware-entry-mwjsdepack

Jotti - http://virusscan.jotti.org/en/scanresult/5e9dc6a884423cfac7109336a6e39e01a6ea6efe

polonus · « **Reply #17 on:** January 10, 2012, 06:46:36 PM »

This part of the code there is suspicious:
-foto.pro-digiworld.info/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.3 suspicious
[suspicious:2] (ipaddr:176.9.40.38) (script) -foto.pro-digiworld.info/wp-content/plugins/nextgen-gallery/shutter/shutter-reloaded.js?ver=1.3.3
   status: (referer=-foto.pro-digiworld.info/)saved 9986 bytes fd7e089a6c10d591dc15faf54395bb5a8b74a1ea
   info: [img] -foto.pro-digiworld.info/wp-content/plugins/nextgen-gallery/shutter/
   info: [decodingLevel=0] found JavaScript
   suspicious, see: http://urlquery.net/queued.php?id=15509

polonus

Author Topic: False Positive URL:Mal (Read 17256 times)

pavelsaharuk125rus

Re: False Positive URL:Mal

Pondus

Re: False Positive URL:Mal

polonus

Re: False Positive URL:Mal