http://rad.microsoft.com/ADSAdClient31.dll?GetAd=PG=CMSIE3SC=F3AP=1164

[Happy-Dude]

Avast! detects that that link is contains a virus code. Anyone else had this ? I encountered it by going to: www.microsoft.com ---> going to latest releases ---> clicking on Internet Explorer Release Candidate 1 ----> and when the page loads, I get avast! detecting

Code: [Select]

http://rad.microsoft.com/ADSAdClient31.dll?GetAd=PG=CMSIE3SC=F3AP=1164.

My scanner was set to silent mode, so its aborted and I'm safe right ... ? The one good thing with this is that we know Internet Explorer 7 is closer to release ...

-EDIT-
Corrected post linking.

[DavidR]

The aborted connection should stop it being downloaded to your system so you should be ok.

I tried to check that link using DrWeb extension and get an error:

Can`t fetch file pointed by your url. This may be caused by several reasons:

    * Remote file is not available (not found, requires authentication, permission denied)
    * Remote site is down, or very slow, or busy
    * No network connectivity between Dr.Web online server and remote web-site

So it is hard to say if it was a correct detection or a hiccup.

For the future though, please don't post active links to suspect locations/urls, break it up or use the code tag (# hash icon), e.g.

Code: [Select]

http://rad.microsoft.com/ADSAdClient31.dll?GetAd=PG=CMSIE3SC=F3AP=1164.Or http :// rad.microsoft.com/ADSAdClient31.dll?GetAd=PG=CMSIE3SC=F3AP=1164 that way we avoid accidental exposure for the curious.

[Happy-Dude]

Oh, okay, thanks. So it isn't known if its a real malicious detection yet right ?

[DavidR]

There is no way to confirm one way or another if the page can't be loaded to be examined or the file ADSAdClient31.dll downloaded.

It may just be a sluggish server unusual for Microsoft and you would like to hope there pages haven't been hacked (not impossible). I can't seem to be able to get the ADSAdClient31.dll I end up with a 0KB file.

[igor]

What malware was reported, btw?
You may be able to find it in avast! Log, if you don't remember.

[polonus]

Hi Happy-Dude,

Got these results from the site:
Dr.Web (R) daemon for Linux v4.33 (4.33.0.09211)
Copyright © Igor Daniloff, 1992-2005

Last update time: 2006-08-26,18:44:34

File size: 15385 bytes


download.html%3Fdllfix.net - archive HTML
>download.html%3Fdllfix.net/JavaScript.0 - OK
>download.html%3Fdllfix.net/JavaScript.1 - OK
>download.html%3Fdllfix.net/javascript.2 - OK
>download.html%3Fdllfix.net/javascript.3 - OK
download.html%3Fdllfix.net - OK

But it is an adserver. and adsad.client is M$ hotmail ad client:
http://will.id.au/blog/archive/2004/07/26/something-interesting-with-msncom

polonus

[Happy-Dude]

Code: [Select]

What malware was reported, btw?
You may be able to find it in avast! Log, if you don't remember.
Well, I wasn't able to find it in the log, but I'm pretty sure I remembered it as a "virus/worm" detection.

[igor]

Rightclick on the blue avast! tray icon and select Log Viewer. Virus detections should be in the "Warning" cathegory (though I'm not sure what's the default logging sensitivity).