Hi, I’m trying to reach the home page of FilmEdge.net, but avast! is detecting a JS threat and denies the connection:

http://img444.imageshack.us/img444/2665/20100421230441.png

Could someone confirm this is a real threat or just an overly-cautious web scanner, cheers.

It looks like the site has been hacked.

There is a large block of obfuscated javascript in a script tag immediately after the Body tag of the index page. I don’t pretend to know what this script does, but javascript is a plain language scripting code, so why go to these lengths to hide its purpose.

Wepawet (alpha) Analysis report for http://filmedge.net/
http://wepawet.iseclab.org/view.php?hash=2800663f8c1b98291c02ec7a3e5d389f&t=1271860714&type=js

Anubis
http://anubis.iseclab.org/?action=result&task_id=1ffc59ad10b1bc8d4350ffc8560382466&format=html

Thanks. I just checked the site again and it seems to be fixed now.

Cheers

You’re welcome.

Looks like they have cleaned out the suspect script tag, no alerts from avast now.

More about this here: http://www.wjunction.com/showthread.php?t=21715

polonus

Nice topic that, nice and clear with a circular reference back to your topic on these forums and a good promotion of avast being the only one detecting it.

Like this topic here, I uploaded the file to VirusTotal and basically only avast was picking it up.