VBS:Malware [Script]

Avast Free Antivirus / Premium Security
1

hi

i have both a small homepage website , and on the other side avast 4,5 home edition :smiley:

by setting the standart shield sensitivity to “high” and acceding my personal homepage forum
i get the following virus alert ? :frowning:

re: VBS:Malware [Script]

“C:\Documents and Settings\rb\Local Settings\Temporary Internet Files\Content.IE5\F7DNZDSS\index[2].php”

by setting the sensitivity to “normal” , there is no problem ???

is there anything wrong wrong with
either the forum php files
or with the webspace-owner’s scripts ?

forum located at //membres.lycos.fr/clise/CF/
would be great if someone could assist me ?
thanks

2

Clear your browser cache, ensure that you have the latest version of avast 4.6.603.

Which setting are you setting to normal?

If there a likely to be a problem with a link you shouldn’t make it clickable to avoid accidental infection such as membres.lycos.fr/clise/CF/, if you can edit your post.

There is obviously something objectionable on the link. If it is a forum, someone could have made a post containing some VBS script.

If the alarm went off immediately you tried to enter the site the chances are good that avast stopped it from being downloaded.

If you have winXP (or NT based OS), you can schedule a boot-time scan from within avast.

3

hi DavidR :slight_smile:

thanks
i have upgraded to avast release 4.6.603 :slight_smile:

when webshield is activated , i get the following “alert” → see attached picture
so i am unable to access this page ???

so what i did is :
i deactivated the webshield
i accessed the page one more time and i saved the source file on my computer

when i do scan this file , i receive a similar alert to the first :frowning:

if required, i could post the source file on this forum , in *.txt format

thanks again

4

No don’t post it here, the likelihood is that it could trigger the same virus warning here.

If you can zip and password protect (‘virus’, will do) the suspect source file and send it to virus @ avast.com (no spaces).

Give a brief outline of the problem, include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.

You could also attach the image you have posted here. You could also include a link to this thread.

5

ok thanks, will do so ;D

i did split the source file in 2 parts ,

and

in fact, the virus seems to be a script added by lycos,
lycos if offering free hosting, but they want to have their stats and popups (popunders, google bars, aso… ) on the homepages located on their server. this part of the source file is “detected” and “considered” as a virus!!

i have contacted lycos and reported the pb to them . let’s see if they do react, … and what their reaction is

in the meantime i will onforward the infected part to the mail recipient mentionned in the support tab of this site (the email adress seems to be slighty different from the one u gave to me )

thanks for assisting
have a nice w.e.
rgds

6

It looks like the problem already is solved :wink: