a false positive?

Hello,

Is this a false positive or does that website have some hacked content?

Thanks

Hello,

This is false positive which is already fixed internally. The fix will be released in next 2 hours.

Regards

Well it is strange as that page only has content to redirect it to hXXp://portal.uned.es (link 1 below), but that URL triggers the Network Shield and if bypassed, it triggers another web shield alert (link 2 below), which is a packed javascript file.

First avast web shield alert, http://www.virustotal.com/file-scan/report.html?id=0607321cefb3576d946e5508be4046e350593bdf8f62af4328d337f2c672840b-1281452040.

Second avast web shield alert, http://www.virustotal.com/file-scan/report.html?id=bef9d3e7b3aa57f435869262cc6523c2c445900d0d38bc1d697f5e0b6647912d-1281452276.

In both cases only avast and GData (which uses avast as one of its two scanners) detect this, so it could be an FP.

Edit: Missed jsejtko’s post whilst investigating this, which confirms the FP.

I’ve seen that the false positive is already fixed.
Now it’s ok.

Thank you jsejtko and DavidR :slight_smile: for your help.

Hugs,

No problem, glad I could help.

Welcome to the forums.