network shield : false positive : www.ondemandcm.com

Hello,
Avast network shield gave a few warnings that it has blocked a connection to the malicious site: hxxp://www.ondemandcm.com (link with foxit reader)

Is it a false positive alert?

FinjanSecure said:
Analysis Result: The requested URL was blocked due to the following reason: Virus detected : the page is infected with Mal/Badsrc-C

But nothing with WOT and Siteadvisor.

Thank you

It is no false positive; there are URLs (and an iframe tag) to off-site javascripts, all before the tag, a standards no-no.

So it looks like the site has been hacked.

Hi fiche,

In support of what DavidR here reports, consider this:

  • Exploit Prevention Lab’s Link Scanner gives an alert:
    There was 1 threat found.
    Stop QUESTIONABLE: LinkScanner Online has found
    [Invisible IFrame launcher]
    Detail: Exploit: Invisible IFrame Launcher
    This script is used by malicious iframers to launch exploits.
    Scanned: Saturday, February 07, 2009

  • Also, finjan alerts to possible malicious content…

So no doubt about this, hacked through iFrame,
you could report this to the webmaster in charge,

polonus

Hello,

Thanks for these answers!

No problem, glad I could help.

If this is a site you use regularly, you should report it to them if you have a contact email address; if not, webmaster @ the site domain name (dot) com is usually a reasonable bet.

Welcome to the forums.

How can we know when avast gives a network shield false positive?

By analysing the page as I did and found malicious code.

If you are the person who created the page, by looking at the source code.

If you are a user, by doing the same as here (reporting it), but this hacking of pages is becoming more prevalent and avast’s web shield is very good at detecting it. You only need to check these forums, and in virtually all cases where the network shield alerts it has been a good detection.

If you are an experienced user I dare say you would know how to investigate the page without needing guidance. If not you are best not to try and delve into the site or you could well become infected.
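An added example, not part of the thread or any poster's own code: a static check a site owner could run over saved page source to flag the markers discussed above (off-site script/iframe URLs, invisible iframes, and tags placed ahead of the document). It assumes "before the tag" means the opening `<html>` tag; the names `InjectionScanner` and `scan`, the `example.*` hosts and the 0/1-pixel threshold are illustrative choices.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)

class InjectionScanner(HTMLParser):
    """Collects iframes and scripts that look injected into a page."""
    def __init__(self, page_host):
        super().__init__()
        self.page_host = page_host.lower()
        # Assumption: "before the tag" in the thread means the opening <html> tag.
        self.seen_html = False
        self.findings = []  # (line, tag, src, [reasons])

    def handle_starttag(self, tag, attrs):
        if tag == "html":
            self.seen_html = True
            return
        if tag not in ("iframe", "script"):
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "")
        host = (urlparse(src).hostname or "").lower()
        reasons = []
        if host and host != self.page_host:
            reasons.append("off-site")      # loads from another host
        if tag == "iframe" and self._invisible(a):
            reasons.append("invisible")     # 0/1-pixel or hidden by style
        if not self.seen_html:
            reasons.append("before-html")   # sits ahead of the document
        if reasons:
            self.findings.append((self.getpos()[0], tag, src, reasons))

    @staticmethod
    def _invisible(a):
        tiny = any(a.get(d, "").strip() in ("0", "1") for d in ("width", "height"))
        return tiny or bool(HIDDEN_STYLE.search(a.get("style", "")))

def scan(html_text, page_host):
    """Parse saved page source only; nothing is fetched or executed."""
    scanner = InjectionScanner(page_host)
    scanner.feed(html_text)
    return scanner.findings

# Constructed sample: two injected lines ahead of an otherwise normal page.
SAMPLE = """<script src="http://cdn.example.net/a.js"></script>
<iframe src="http://example.org/x" width="1" height="1" style="visibility:hidden"></iframe>
<html><head><script src="/js/site.js"></script></head>
<body><iframe src="http://www.example.com/map" width="400" height="300"></iframe></body></html>
"""
```

Calling `scan(SAMPLE, "www.example.com")` reports only the first two tags; the site's own script and its visible same-host iframe are left alone.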