Hi raceonusa,
This could be part of click fraud malware in gclid (google code), if you scan your domain at Norton Safe Web. There was where I found the drive by download malware together with the location where it was to be found, so not only avast flags this, Norton too. it is a malware injection, there is not much you can do, unless you are the hoster,
polonus
I just had norton rescan my site:
http://safeweb.norton.com/report/show?url=raceonusa.com
totally clean, no viruses.
Is there a way to open a site dispute with avast?
Is there a way I can fight / contest this virus? Like a re-submit your site feature or something?
Norton web scan says it’s completely clean now, all I had Norton do what rescan.
The only one that’s giving me an error is Avast and it’s a false positive, how I can get them to rescan my site?
Sure G-data also has a false positive and that’s because it uses Avast as one of it’s engines to scan.
http://antivirus.about.com/od/antivirussoftwarereviews/gr/gdatasuite2010.htm
There is still an infection that jsejtko said, so unfortunately it’s not a false positive. I can see this (attached image) via three proxy.
Maybe Norton web scan only scans top page of your website (I can’t find any infection in your top-page so far) so it says yours clean.
It seems “JS:ScriptIP-inf” applies blacklisted URLs in “” tags without reserve so some innocent pages may get involved. :-\
Can’t you see Home/ directory on your server? I don’t intend to attack / criticize you, only wonder why you can’t find it on your server.
I do not have a home directory, how is possible that it appears on your side?
(check out the attached remote file directories I can view, hidden files are visible) no /Home directory.
I checked my htaccess and have nothing in there with “exemple” or that malware ip.
Also when I try to run
view-source:http://www.raceonusa.com/Home/exemple.com/
Firefox Ubuntu = blank
Windows XP virtual box Firefox = blank
Windows XP virtual box IE = …
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=windows-1252" http-equiv=Content-Type></HEAD>
<BODY></BODY></HTML>
Are you getting redirected to /Home/exemple.com for some reason? What are the steps that lead you there. I’m not sure how it’s doing this.
just some info, Opera browser is also blocking hxxp://www.raceonusa.com
So is IE8!
The webpage you tried to access is infected with a virus or other malware. Do not attempt to disable the avast! Web Shield in order to access the site.http://www.avast.com/lp-security-information-pp?utm_campaign=Virus_alert&utm_source=pa_50_0&utm_medium=prg_systray&utm_content=en-us
Hi YoKenny,
finjan or rather M86security now, also detects it:
SecureBrowsing
htxp://www.raceonusa.com/
Finjan SecureBrowsing has analyzed the above web address as it currently exists on the web.
The analysis indicates that:
Potentially malicious behavior was detected on this page
What to comment further,
polonus
Click the image below to see Opera’s warning taken just 2 mins ago.