Hello all,
Started from 15 June, I have got a URL:Mal2 warning when I getting access to the website of http://www.arashibest.com/member.php?mod=logging&action=login&referer=%2Fforum.php (ArashiBest Forum) that I always getting in daily.
For the webpage of the above link was OK and no warning alert existed. However after I login the forum and then red warning window showed up for my every click and stated as bellow (one of the many samples only) :
Malicious URL Blocked
URL: http://www.foxnl.com/photos/original/8530-mwg2er14qfdjwrt7fcr7.jpg
Infection: URL:Mal2
Process: C:\Program Files(x86)\Internet Explorer\iexplore.exe
The link of infection detailed information are as bellow (Selected 3 samples):
For the Web shield scan report, it stated that:
http://i789.photobucket.com/albums/yy176/wawakaka/WebshieldscanreportforMal2_zps6558b161.jpg
For the report, 1st column: Name of URL, 2nd column: The degree of severe: High
3rd column: Threat: URL:Mal2, 4th column: Action: Blocked
For the above situation, it seems that many several JPG files (i.e. http://www.foxnl.com/photos/original/8xxx-xxxxx.jpg) inside the photo album stated in the forum may have some malware threat on them.
Besides, I ask my friend (by using Avira Anti-virus) to getting and logging in the website (forum), as a result, the website is clean and no warning alert for malware URL for it. Apart from this, I also ask the technical staff of ArashiBest Forum for the queries of the above case, they explained that the photo album is changed recently and all of the JPG files were OK and clean and the warning alert of Avast must be false positive at all.
Therefore, is that the alert of URL:Mal2 is a false positive only? if yes, can it will be fixed by Avast later. Please be advise and help.
Thank you very much for the help and have a nice day to all.
By Karen