After accessing the site hXXp://square-enix.com and allowing scripts Avast found the following detections:
Sign of ‘‘HTML:Script-inf’’ has been found in ‘‘hXXp://na.square-enix.com/sitestratos/ss_finalfantasyxiiicom_fa.js’’ file.
Sign of ‘‘HTML:Script-inf’’ has been found in ‘‘hXXp://na.square-enix.com/sitestratos/ss_finalfantasyxiiicom.js’’ file.
Does this look like Avast detecting a false positive or is this likely a problem with my own computer as I can’t imagine there actually being a problem with the site?
Sorry if this has been mentioned before but I looked for the topic before posting this and couldn’t find anything.
How are you getting to the na. sub-domain I don’t get any detection on the main site square-enix.com home page ?
I can’t get to that URL Permissions issue for the /sitestratos/ area, presumably this is site stats (?).
I do manage to get far enough to get an alert by just going to the home page of the .ns sub-domain (na.square-enix.com/) and checking the page the alert is on, there is reference to a site considered malicious (see image) b35.info, see links below. This site is also on avasts malicious site list, so that could well be a contributory factor.
Yes, I don’t get any warning by opening hXXp://www.square-enix.com, even after that I directed to hXXp://www.square-enix.com/jpn/index.html, there was still no warning.
i think addict had asked regarding this site previously. check the links i have posted in that topic : http://forum.avast.com/index.php?topic=46941.0 now those things might have changed.
hXXp://na.square-enix.com/sitestratos/ss_finalfantasyxiiicom_fa.js and hXXp://na.square-enix.com/sitestratos/ss_finalfantasyxiiicom.js both have the same content.
Yes the avast web shield should have blocked it (the abort connection drops the detected items connection), clearing your browser cache is belt and braces.
I understand typo squatting, but what are you saying is the correct URL ?
The square-enix.com domain seems to be a legit games/entertainment domain name. Googling that domain brings up lots of hits nothing in the first 50 hits to indicate the site isn’t legit ???