Author Topic: JS:Packed-F alert (Read 4194 times)

thommy18 · « **on:** October 20, 2008, 12:20:31 PM »

Welcome

When I try to visit hxxp://www.wkretka.pl webside I became avast alert JS:Packed-F is present in source hxxp://www.wkretka.pl. What does mean that alarm and what Can I solve that problem. Probobly problem is in source code of webside. I use firefox 2.0.0.17 and win xp pro sp3 pl. I have the newest version of avast antivirus and integreted the newest viruses database. Please help me or any hints.

jsejtko · « **Reply #1 on:** October 20, 2008, 02:51:46 PM »

Hello,

I cannot reproduce any warning on that website. Please let me know some actions you have done or tell me web address avast was blocking as infected.

Thank you

polonus · « **Reply #2 on:** October 20, 2008, 03:16:01 PM »

Hi thommy18,

This weblink scanned with DrWeb's av link checker gave:

Checking: hxxp://www.wkretka.pl/
Engine version: 4.44.0.9170
File size: 1925 bytes

hxxp://www.wkretka.pl/ - archive HTML
>hxxp://www.wkretka.pl//Script.0 - Ok
>hxxp://www.wkretka.pl//Script.1 - Ok
hxxp://www.wkretka.pl/ - Ok

polonus

thommy18 · « **Reply #3 on:** October 20, 2008, 06:10:44 PM »

Problem is solved temporally because administrator of wkretka.pl redirect connections to wkretka.pl for wkretka.info service and problem not appear, but wkretka.info is infecred still.

jsejtko · « **Reply #4 on:** October 21, 2008, 09:38:08 AM »

So please tell admin of that site, that he needs to search his sources for "unescape(" string, he should see the infection. This detection is for malware JS packer so I cant tell you what malware is under this packer.

Regards

Author Topic: JS:Packed-F alert (Read 4194 times)

thommy18

JS:Packed-F alert

jsejtko

Re: JS:Packed-F alert

polonus

Re: JS:Packed-F alert

thommy18

Re: JS:Packed-F alert

jsejtko

Re: JS:Packed-F alert