Hi, I have been looking around the avast forum and have noticed that HTML:Script-inf is quite common.

I get the alert from Avast when I visit. " hxxp://www.ultimate-guitar.com/{gzip} " (please dont edit the link and open it)

I also get the alert when i visit 911tabs, a site linked to it. I’m worried that I’m infected. i have run a full scan twice now. Been a avast user for about 2 years.

It’s picked up the HTML:Script-inf once in my temporary files. which I chose to delete. It’s detected as a Virus/Worm.

If anybody has some tips on this particular type of website infection, much help would be appreciated.

Hi infest3d,

hxxp://www.ultimate-guitar.com/

Conatains a script that opens an ad from ad. yieldmuncher… this has recently been added by the network shield (i think) and is considered malicious…this is the reason for the alert.
http://www.mywot.com/en/scorecard/ad.yieldmanager.com

Concerning your security, if you clicked on the abort connection window, you should be fine as avast! has prevented the malware from entering the system.

-Scott-

Hi spg SCOTT, thank you for your reply. You’ve put my mind at ease.

You’re welcome.

Welcome to the forum

Happens to be FP, which will be fixed.

http://forum.avast.com/index.php?topic=52692.msg446420#msg446420

Hi I’m getting the same warning about HTML script-inf from a major site that I use often.

Sign of “HTML:Script-inf” has been found in "http://app.struq.com/t/i/7196006202015

the site I go to is POcruises.com but the above is the warning

Is this the same FP?

Hi lioness, welcome to the forum

Apparently so…avast! has just updated, and checking the site, gives no alerts anymore.

-Scott-

Hi, everybody!!!
I’ve the same problem with the website: hxxp://www.phpbbplanet.com/forum/index.php?mforum=aerogi
The message I received from Avast is:
Sign of “HTML:Script-inf” has been found in “hxxp://www.phpbbplanet.con/forum/posting.php?mforum=aerogi{gzip}” file.

It seems to appear only when I post a message in the forum, when I navigate in the forum it doesn’t appear. ???
Is it a FP?

Thanks a lot for the help!!!

Scott - thanks - all OK now

except for this one xxx microsoft.security.essentials.info xxx

Don’t click on it - it’s a very strange URL

Hi lioness,

It has this

The false positive with yieldmanager was already fixed in the latest update, please update your database.

Hi kubecj,

Thanks for the swift correction of this FP, it was almost immediately,

pol

im having the same problem since 2 days straight. Avast says my vdb is up to date File version : 091227-0.

P.S trying to visit the same site i.e ultimate-guitar.

any one have any idea on how to solve the problem.

alifawad1994, 091227-1 was release to fix this problem.

Right click on avast! icon in the taskbar then Updating then iAVS Update

@YoKenny

im super confused, when i do iAvs update it says my db is uptodate i.e, 091227-1 , but when i check about avast by right click avast icon>about avast > vps file version. it says 091227-0. and i still cant access the website.

what to do ??

Try a repair of avast. Add Remove programs, select ‘avast! Anti-Virus,’ click the Change/Remove button and scroll down to Repair, click next and follow. This has in the past resolved this out of sync issue between reported and actual VPS version.

@ DavidR

You are a genius, thank you that solved my problem

You’re welcome, genius is probably a bit over the top ;D