My site is getting flagged with malware (Threat: HTML:Script-inf)

I’ve been getting numerous complaints that my site (hXXp://www.spoonyexperiment.com) is getting flagged by Avast for having malware-- specifically, HTML:Script-inf.

My site has been undergoing some cosmetic changes to its CSS and Wordpress arrangement, but aside from a few .gif images, I’ve uploaded nothing new to the site so I can’t imagine what’s changed. I scanned everything I uploaded, and ran my site through a couple of online checkers and they all came up clean.

Can anyone follow-up on this and see if you can narrow down the problem? I’m unsure as to the procedure here.

Thank you.

http://forum.avast.com/index.php?topic=74355.0
http://forum.avast.com/index.php?topic=74348.0
http://forum.avast.com/index.php?topic=74350.0
http://forum.avast.com/index.php?topic=74340.0
http://forum.avast.com/index.php?topic=74345.0
http://forum.avast.com/index.php?topic=74347.0
http://forum.avast.com/index.php?topic=74353.0
http://forum.avast.com/index.php?topic=74349.0

(incomplete).

Please WAIT until it’s fixed and actually at least read the latest posts before jumping in with another thread. Have a nice day.

Yep, another uac ad tracker that causes the alert…

Hey! Someone courteous and helpful. Thank you.

I’m starting to see maybe one of those Live Support things might be necessary. If Avast! runs like clockwork and then all of a sudden BAM! something like this happens, of course people are going to want to know wtf happened AS it happened, and this forum is the closest thing to realtime as they can get. Annoying perhaps but totally understandable. Oh well.

Re this is what I get for that site: (referer=www.google.com/trends/hottrends) failure: HTTP Error 403: Bad Behavior

polonus

Well the forum is usually the first to notice trends…the problem with site infections, is that generally they are quite accurate, and hard for the typical site owner to spot.

I can see why there are loads of threads on this, just because it is the same infection name, doesn’t necessarily mean that the reason is the same, which is why I looked at the sites where I can to see whether it is the same reason…

Linking to loads of other threads (while in this case is relevant) could be irrelevant and could well be a different “infection”, but with no testing, there is no way to know…

@Pol, yeah, malzilla gave me the same…needed to take a different route to get the code to show it was the same ad problem as in the other threads.

Hi spgSCOTT,

Yes probably this has to do with with WordPress’s Bad Behaviour (I somehow never can get myself to spell “behavior”) and blocking tracking, from which the 403 Bad behavio*r error stems,

Damian

just wanted to add that looks like it has something to do with aol advertising, I noticed samething and after big of research uac.advertising… one of their advertising was flagging avast. Afer I removed the code from site, avast was ok with loading my site.
I wrote bit more about it here if you don’t mind reading:
MWD

Ensure that you have the latest VPS version 110321-2 which corrected this FP.