URL:Mal And Html:Script-Inf

Hay,Guys

I have been getting a URL:Mal waring when i visit a popular file hosting site

http://i53.tinypic.com/1zl8a5k.png

It seemed like the, Network shield was blocking it so i had to turned it off, Then the web shield, Starting giving HTML:script-inf waring

http://i52.tinypic.com/os9454.png

I am not sure what the problem is, But i wood really like to know,

Jest incase no one has notice the domain in question is “filesonic.in”

Update: Seems like the problem is solved, Site is working without any warning from avast.

Cannot reproduce (and I have heuristics on high everywhere).

Possible FP ???

Report 2011-03-21 06:18:04 (GMT 1)
Website filesonic.in
Domain Hash e55c9c32c22cb6ef499636f61b66adc5
IP Address 78.140.176.180 [SCAN]
IP Hostname v-4-kt26-d864-180.webazilla.com
IP Country NL (Netherlands)
AS Number 35415
AS Name WEBAZILLA WebaZilla European Network
Detections 0 / 20 (0 %)
Status CLEAN
Scanning site with: AMaDa CLEAN
Scanning site with: BrowserDefender CLEAN
Scanning site with: DNS-BH CLEAN
Scanning site with: DShield SDL CLEAN
Scanning site with: Google Diagnostic CLEAN
Scanning site with: hpHosts UNRATED
Scanning site with: joewein.de LLC CLEAN
Scanning site with: Malware Domain List CLEAN
Scanning site with: Malware Patrol CLEAN
Scanning site with: MyWOT CLEAN
Scanning site with: Norton SafeWeb CLEAN
Scanning site with: ParetoLogic URL Clearing House CLEAN
Scanning site with: PhishTank CLEAN
Scanning site with: SpamhausDBL CLEAN
Scanning site with: SURBL CLEAN
Scanning site with: Threat Log CLEAN
Scanning site with: TrendMicro Web Reputation CLEAN
Scanning site with: URIBL CLEAN
Scanning site with: Web Security Guard UNRATED
Scanning site with: ZeuS Tracker CLEAN

Yeah!, I also thought it was false positive but something must have triggered avast as

This was the first time avast was showing a alert on that particular domain, Maybe some

New script which was added or some kind of change.

But webutation has some bad review, and only a 80% score: http://www.webutation.net/go/review/filesonic.com

polonus

Hello,
This is a false positive. Problem was that we had a several pages in our black list what were really close with this page by name.
Best Regards

So I am not the only one getting this.

Host Avast! suddenly gone bonkers? Why am I suddenly getting this (which began today, 03-21-11) every time I got in my inbox at Yahoo mail and comicbookresources?

http://img28.imagevenue.com/img.php?image=737820320_WTF2_122_461lo.JPG
http://img121.imagevenue.com/img.php?image=737827353_WTF1_122_426lo.JPG

This is unrelated to this topic other than the malware name which can be applied to multiple different sites for different causes.

There have been instances of ad organisations having the content compromised. See https://blog.avast.com/2010/02/18/ads-poisoning-–-jsprontexi/.

This is not to say the detection is good or otherwise, just that it is unrelated to this particular topic.

So what’s the fix to turn the message off if it’s a false positive?

Wait until it’s fixed. Meanwhile, you can find a decent ad blocking addon for your browser. I have been getting zero messages about infected ads from avast! when messing around Yahoo (which is one of the sites all people keep complaining about today).

…but it’s unrelated??? ??? I thought this applied to the particular error/false positive, or else why isn’t Filesonic anywhere in the thread title?

There have been instances of ad organisations having the content compromised. See https://blog.avast.com/2010/02/18/ads-poisoning-%E2%80%93-jsprontexi/.

This is not to say the detection is good or otherwise, just that it is unrelated to this particular topic.

I do not follow your reasoning, but okay. In any case, I have alerted comicbookresources.com and they said they’ll look into it and get back to me. Alerting yahoo on the other hand is next to impossible. If it is a case of ad “poisoning”, hopefully they can fix it somehow.

I also have ad blockers installed on Firefox, no effect.

I cannot find a setting to shut it off, so any other ideas would be welcome.

Yeah, go out to have a beer or two or watch TV or get some sleep until the FPs are fixed.

Honestly YOU sound like you need all those things more than me at this point. I’m sorry you are being inundated with these requests but it is not my fault, I am not the author of any of the false positives or ad poisonings or whatever is going on. I can wait but honestly how about YOU relax and grab a few beers yourself?

I just started getting an html:scrpt-inf everytime I start Explorer. The site or file listed is l.yimg.com (I think is yahoo). I started getting it when I opened an email.

Can someone help me please