Author Topic: warning ripway.com how to tell if its a false positive (Read 3671 times)

tbint · « **on:** December 16, 2009, 09:24:30 PM »

I navigated to this site today and the warning went off. I was just there yesterday, and last night. No warnings at all. But today I get these warnings:

Quote

12/16/2009 12:46:09 PM   SYSTEM   1344   Sign of "HTML:Script-inf" has been found in "http://www.ripway.com/" file.
12/16/2009 12:46:52 PM   SYSTEM   1344   Sign of "HTML:Script-inf" has been found in "http://www.ripway.com/" file.
12/16/2009 12:46:53 PM   SYSTEM   1344   Sign of "HTML:Script-inf" has been found in "http://www.ripway.com/ads/ads.asp?size=336X280&site=RIPWAY" file.
12/16/2009 12:47:09 PM   SYSTEM   1344   Sign of "HTML:Script-inf" has been found in "http://www.ripway.com/" file.
12/16/2009 12:47:11 PM   SYSTEM   1344   Sign of "HTML:Script-inf" has been found in "http://www.ripway.com/ads/ads.asp?size=336X280&site=RIPWAY" file.
12/16/2009 12:48:12 PM   SYSTEM   1344   Sign of "HTML:Script-inf" has been found in "http://www.ripway.com/members/default.aspx" file.
12/16/2009 12:51:28 PM   SYSTEM   1344   Sign of "HTML:Script-inf" has been found in "http://www.ripway.com/help/default.aspx" file.
12/16/2009 1:56:54 PM   SYSTEM   1344   Sign of "HTML:Script-inf" has been found in "http://www.ripway.com/" file.
12/16/2009 1:57:28 PM   SYSTEM   1344   Sign of "HTML:Script-inf" has been found in "http://www.ripway.com/favicon.ico" file.

I really like this little file storage. How can I tell if its a false positive? Should I try and email them about it? I can not go to any page without the caution a virus has been detected going off.

Thanks for any info.

Lisandro · « **Reply #1 on:** December 16, 2009, 09:26:41 PM »

Generally, avast detection is accurate in these cases.
Isn't it an encrypted/obfuscated script or iframe?
Wasn't the site hacked?
Maybe you could contact its webmaster.

tbint · « **Reply #2 on:** December 16, 2009, 09:46:35 PM »

Quote from: Tech on December 16, 2009, 09:26:41 PM

Generally, avast detection is accurate in these cases.

I always have trusted avast.

Quote from: Tech on December 16, 2009, 09:26:41 PM

Isn't it an encrypted/obfuscated script or iframe?

obfuscated?? well I need to look that up before I can answer.

Quote from: Tech on December 16, 2009, 09:26:41 PM

Wasn't the site hacked?

Since last night? Is there a site that you can summit the url and have them check this?

Quote from: Tech on December 16, 2009, 09:26:41 PM

Maybe you could contact its webmaster.

Ok!

Are these rhetorical question I should ask myself before posting?

Chief Engineer · « **Reply #3 on:** December 16, 2009, 09:48:37 PM »

The Finjan online url scanner of ripway reports:
Analysis Result: The requested URL was blocked due to the following reason:

Virus Detected! The page or file you requested is infected with the following virus: Exploit-IFrame

tbint · « **Reply #4 on:** December 16, 2009, 10:04:41 PM »

Quote from: Chief Engineer on December 16, 2009, 09:48:37 PM

The Finjan online url scanner of ripway reports:
Analysis Result: The requested URL was blocked due to the following reason:

Virus Detected! The page or file you requested is infected with the following virus: Exploit-IFrame

Thank you for finjan. I sure hope they can recover from it.

Author Topic: warning ripway.com how to tell if its a false positive (Read 3671 times)

tbint

warning ripway.com how to tell if its a false positive

Lisandro

Re: warning ripway.com how to tell if its a false positive

tbint

Re: warning ripway.com how to tell if its a false positive

Chief Engineer

Re: warning ripway.com how to tell if its a false positive

tbint

Re: warning ripway.com how to tell if its a false positive