Detection: JS:Autolike-DT [Trj]
I get 100% detection (web shield: site blocked) for this on one specific news site. Has been detected for at least 2 maybe 3 weeks now. I have trouble believing the site would not have been contacted, warned, etc. by someone if the infection is valid… FYI, I get the detection only in Avast for windows (7) and not on my Nexus Tablet (Android…)
Additional info: Full Avast scans as well as full Malwarebytes scans show no issues on my PC. In any case, as I mentioned, Avast blocks the site, presumably successfully.
Sorry, no… too much private info on my screen. complete text of the pop up is:
avast! Web Shield has blocked a harmful webpage or file.
Object: http://…/autolike.js?ver=1.0
Infection: JS:Autolike-C [Trj]
Process: C:\Program Files (x86).…\chrome.exe
and yes, this time it’s showing Autolike-C instead of D
If the site was detected and blocked by avast! Webshield, it is most likely that your computer never came into contact with that site and the malware delivery.
In that scenario you had a lucky escape. Just scan your complete Google browser file through opening file location, clicking the complete browser file and scan.
There is/was suspicious iFrame code there: Suspicious
We are experiencing technical difficulties. Please try again later.
Thank you for your patience.
On the main site I also got a connection time-out!
Site likely compromised because of outdated CMS:
Web application details:
Application: WordPress 3.5 - http://www.wordpress.org
Web application version:
WordPress version: WordPress 3.5
Wordpress version from source: 3.5
Wordpress Version 3.5 based on: htxp://shrewsbury.net/wp-admin/js/common.js
WordPress directory: htxp://shrewsbury.net/wp-content
WordPress theme: htXp://shrewsbury.net/wp-content/themes/WpAdvNewspaper/ (probably this at the root of this site being compromised)
WordPress version outdated: Upgrade required.
Yes, I wasn’t worried for my PC. My interest was is it a false positive that Avast needs to fix, or a real infection that I need to contact the website about. It has lasted so long that my presumption was/is it was a false detection. It’s a popular enough site (locally) that they would have heard about it from someone after enough time had passed. FYI, the detection is still occurring.