HTML:Script-inf

system · December 16, 2010, 9:28pm

Hi
Just recently avast has detected a problem with my website.hXXp://www.cheapholidayapartments.info/

Avast reports malware found.
infection: HTML:Script-inf
object: hXXp://www.cheapholidayapartments.info/owners/userindex.aspx
process:c:\program files\mozila firefox\firefox.exe

Can anybody help me resolve this problem
Regards
Moggy4

Pondus · December 16, 2010, 10:15pm

VirusTotal - userindex.aspx - 3/43
http://www.virustotal.com/file-scan/report.html?id=91934b320b1f44f004f748b752d531e7433820ed31f4bbcbd757bd6d69d238e2-1292537484

GData is using avast virus engine so this can be a false positive…but avast! is very often correct with malware on websites…

DavidR · December 16, 2010, 11:04pm

There is a script tag that is almost certainly the cause of the alert (see image1) and it is using an obfuscated domain, hXXp://%63%2E%6Ej%652.c%6E this is a Chinese domain (see image2) and is malicious as avast also alerts on it, see image3.

So it looks like this page owners/userindex.aspx if not other areas of the site has been hacked.

system · December 16, 2010, 11:45pm

Thank you for your advice i found the offending script and removed it all working fine now

DavidR · December 17, 2010, 12:32am

You’re welcome.

Please remove or modify the script tag, that was the whole point of my placing it as an image, so as not to place code in the forum to avoid any possible detection by avast in its own forum.

HTML:Script-inf

Announcements