greetings!

avast has highlighted a trojan which it points to being present at iamcourse.com/course/3/perceiving/
JS:Illredir-DK[Trj]
Connection aborted

i have never been to this site, and have seen this being blocked a few times at almost random points while web browsing…

can anyone give any more information about why i am seeing this? i run at least weekly scans of multiple HD cleaners.

thanks

please remove http from the link so it is not clickable

can you post a screenshot of the avast warning ?

VirusTotal HTML scan - iamcourse.com/course/3/perceiving/ - 4/43
http://www.virustotal.com/file-scan/report.html?id=1449c454e15ed86d17605b40fc372df29d7dd7de512e153ba8cdea429b940423-1295529216

sure ok, the http is removed.
thanks for the link too, that’s a new site to me.

here’s the screenshot:

http://www.perfectmedium.co.uk/images/malware.png

It looks like avast is alerting on a script tag just before the closing html tag, this points to //adsourcedomain.info and avast alerts on that site also.

Just below that script tag is another script tag, this time it is obfuscated and more suspect. Having checked further it is this obfuscated script that avast is alerting on and this obfuscated script is on the other page adsoourcedomain.info.

The whole thing is suspicious if as you say that you haven’t intentionally visited this site. This might well just be adware/spyware in an installed toolbar or search bar etc. Have you installed anything recently, many of them come with toolbars/search functions, these deliver targeted ads.

Or it could be something more malicious.
If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).

• 1. MalwareBytes Anti-Malware (MBAM), On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later. - 2. SUPERantispyware (SAS). On-Demand only in free version.

Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.

thanks, i ran the 2 scanners
the 1st one found nothing
the 2nd one found a few potentials… i removed the files, rebooted and reaccessed the iamcourse website. and still see the same avast message.

@tunist.
Let’s check what this is about

Download DDS and save it to your Desktop from here:
http://download.bleepingcomputer.com/sUBs/dds.scr

Double click dds.scr to run the tool.

* When done, DDS will open two (2) logs:
     1. DDS.txt
     2. Attach.txt

Save both reports to your desktop. Post DDS.txt back to topic.

The logs also help us, by seeing what was found may point in a specific direction, which is why they were asked for.