HTML:Script-inf found on website

Hello, I’ve neen trying to get an access to

wXX.rastaroots.com

and I got avast warning- HTML:Script-inf

Is this mean this site is infected? I wanted to order something from their site but I don’t wanna take any risk of getting malware…

Could someone help me with this?
Should I ask them to check thier website!?!?

No alarm here, is your avast updated ?

+1
Seems to be clean…
asyn

Report 2010-07-30 08:48:49 (GMT 1)
Website rastaroots.com
Domain Hash eda8418133f46665a78a4fc69cd602c4
IP Address 69.167.136.207 [SCAN]
IP Hostname rastaroots.com
IP Country US (United States)
AS Number 32244
AS Name LIQUID-WEB-INC - Liquid Web, Inc.
Detections 0 / 17 (0 %)
Status CLEAN

thank u for ur quick reply.
yes,it has been updated… :cry: but i’ll check one more time.
what can i do to get an access to this site ???

Are you still getting the alert ?
If so please try to capture an image of the alert window and post it. Or open the avastUI, Real-Time Shields, Web Shield, click the Show report file. The most recent entries are at the bottom of the file, copy and paste the entries relating to this alert/s.

Change any http/www in the URL to hXXp/wXw to avoid accidental exposure.

Hi sugar55,

Consider this report here: htxp://jsunpack.jeek.org/dec/go?report=73ec68bc2899accc658401029289ec3a33c4ec72

See scan report attached,

polonus

Dear DavidR:

here is the script for last couple of days

2010/07/21 0:52:18 hxxp://wxw.rastaroots.com/shop/index.php?cPath=31 [L] HTML:Script-inf (0)
2010/07/21 0:52:47 hxxp://wxw.rastaroots.com/shop/index.php?cPath=31 [L] HTML:Script-inf (0)
2010/07/21 0:52:51 hxxp://wxw.rastaroots.com/shop/index.php?cPath=31 [L] HTML:Script-inf (0)
2010/07/21 0:54:36 hxxp://wxw.rastaroots.com/shop/index.php?cPath=31_107 [L] HTML:Script-inf (0)

2010/07/22 17:51:20 hxxp://wxw.rastaroots.com/shop/index.php?cPath=31_107 [L] HTML:Script-inf (0)

2010/07/30 2:00:32 hxxp://wxw.rastaroots.com/shop/index.php?cPath=31&osCsid=c795b816456f31af7a1724d1e651a548 [L] HTML:Script-inf (0)

2010/07/30 20:36:14 hxxp://wxw.rastaroots.com/shop/index.php?cPath=31&osCsid=60fd40863fe77630c266c777bea2d99d [L] HTML:Script-inf (0)

I’ve checked my avast and it has been updated to 5.0.594

and thank u all for ur help :slight_smile:

Yes, I get an alert on this one, image1.

Avast isn’t alone in detecting this, though there are very few hits (effectively only two as gdata also uses avast as one of it two scanners, leaving only sunbelt as the other detection), not many AVs are actually looking for or capable of detecting

http://www.virustotal.com/analisis/cb0745ecfeb9b9097e6e5418ab162b1c6d506bf14ca868ddbc40fb518f28bf07-1280539377

There is one suspect script tag, see image2 and it is to a site considered may be harmful to your computer, http://www.google.com/safebrowsing/diagnostic?site=http://www.apogeecleaning.com/&hl=en.

So it looks like the wxw.rastaroots.com site has been hacked, there may be other instances of this inserted script tag on other pages.

thank u so much!

I’m gonna send them an email & see if they can do something about it.

I’ll let u know what happen:)

No problem, glad I could help.

A belated welcome to the forums.