Can you please verify the links mentioned in these threads? The administrator is assuring me that there was a malicious code there but it’s not anymore. But i’m not sure if he is correct. Detections are not from Network Shield but they are coming from Script Shield and Web Shield.
Though detected files are a bit strange. PNG’s can’t be malware…
Well, if you look at detection name it’s not anything related to PNG malware. It’s JS:redirector. That can’t be right or i’m just missing something here.
"Users may follow the instructions in the .PNG and save the file as a bitmap (.BMP) with the .HTA extension.
It is [now clear that the] decompressed file contains an image, some JavaScript and one or more executable files."
I’m currently on a system with Kaspersky, but it’s also giving me alerts.
So basically if i understand this right, there is malicious data encoded inside PNG. The administrator there is saying to me that avast! is detecting files that aren’t there anymore. I find that impossible. Web Shield cannot scan and detect non existant files. They have to be there to be scanned and detected.
Though detected files are a bit strange. PNG's can't be malware...
;)
Sophos lab
Hello,
Thank you for contacting Sophos Technical Support.
The file(s) submitted were malicious in nature and detection will be available on the Sophos Databank shortly.
av-206846.png – identity created/updated (New detection Troj/ObfJs-AV)
Norman lab
av-206846.png : Processed - JS/Redir.GO
Avira lab
The file 'av-206846.png' has been determined to be 'MALWARE'.Our analysts named the threat JS/IFrame.IM.The term "JS/" denotes a Java scriptvirus.Detection will be added to our virus definition file (VDF) with one of the next updates.