URL:MAL and it points to htxp://fga5050.viewcontact.com.
I read somewhere else that this is a common false positive in avast!..what to do???
URL:MAL and it points to htxp://fga5050.viewcontact.com.
I read somewhere else that this is a common false positive in avast!..what to do???
and why is it a false positive?
IP adress for that URL is on 4 blacklists
Special Reason: Only the ASN/CIDR owner can solve this listing by actioning FAQ 42 apews.org SHUTDOWN BOTS, ZOMBIES, NET ABUSE
when do you see this… you dont give any info
It just pops up…about 10 of them…on the right side of the screen. Scans don’t find anything. I’ve cleaned out cookies several times. What keeps telling my Macs to access that site???
What keeps telling my Macs to access that site???so this is a Mac? .... if so, sorry the malware experts here and there tools only work on windows computers
Mac forum section is here. http://forum.avast.com/index.php?board=5.0
Okay, thanks. I used the link you provided.
Well that link is now non-malicious: https://www.virustotal.com/nl/url/be19cbc10a7628f3018bb496cdc4fdc7320036e329587221b0edd22017beade1/analysis/1389737102/
It was attacked via malcode that probed: http://fga5050.viewcontact.com/test404page.js → http://jsunpack.jeek.org/?report=e336932f55bf9b031f86b9bc886c981c55117e39 (not found on server)
We see excessive header warning: System Details:
Running on: Apache/2.2.10
System info: (Linux/SUSE) mod_ssl/2.2.10 OpenSSL/0.9.8k
clickjacking warning and HTTP only cookies warning as general insecurities.
Site doesn’t have a title and disallows entries via robot.txt
But this is a known PHISHING site: http://support.clean-mx.de/clean-mx/phishing.php?id=3691755
See: http://www.rexswain.com/cgi-bin/httpview.cgi?url=http://www.fga5050.viewcontact.com/&uag=MSIE+8.0+Trident&ref=http://www.google.com&aen=&req=GET&ver=1.1&fmt=AUTO
The site database is unavailable → http://jsunpack.jeek.org/?report=d4d1a856f1242c62c45a81a2df655b0bfb925f5f
In opening GET via webbug I get an alert from avast! Webshield as object://17.0.0.1/ detected as URL:Mal.
and also does this for other scanners.
Found to be benign here: http://zulu.zscaler.com/submission/show/0683cdf3c838e62c334fb2b660523984-1389737982
Indefined here: http://urlquery.net/report.php?id=8813829
pol