hey guys
I was looking for starwars battlefront 2 mods and stuff where i came across this site :
hXXp://www.megagames.com/cracks/html/917350_0.htm
avast told me it was a Trojan and i told it to disconnect.

so i thought i would try it on the other computer (avast to ) and it detected it(just a test)
and i restarted the computer ( i started playing games )

so then after playing games i started doing that test again in IE 8 which did not dectected it and then i did it in firefox and it did not dectec it , which i thought was strange

so i did it in Opera again and it did not dectect it and ie which found nothing

so i deleted all of operas cache and all and it will not find any thing wrong

so i did it on the other computer again and that found trojan s

whats going on ?

You wonder why avast is alerting when you go looking for cracks ???
Please ‘modify’ your post change the URL from http to hXXp or www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.

Cracks, keygens, etc. aside from any legal/moral issues, frequently come with uninvited guests.

It is also possible that the site may have been hacked and a script inserted, whilst I can’t see anything obvious, avast isn’t alone in detection, see http://www.virustotal.com/analisis/f5423cb696a8cf7165eb144ca37c3db5f1afa473ec153a1a83640aff2c51e107-1263404303.

Also see, http://www.UnmaskParasites.com/security-report/?page=www.megagames.com/cracks/html/917350_0.htm.

Hey i was not looking for cracks. i bought the game for $20.

So why wont avast see that its a bad site ?

Surely it did see it was a bad page “avast told me it was a Trojan and i told it to disconnect.” it alerted didn’t it ?

For a site in its entirety to be added to the malicious sites lists it would have to be constantly serving up malware, etc. and that would be based on several things, one of which would be consistent detections by the web shield and those stats reported anonymously to avast.

yes. but i went to the site again to test it and it did not find any thing
but the othercomputer finds some thing every time

edit: now the other computer is not reporting any thing ?
so am gussing the website has stop trying to give trogans to people ?

whats a other site i can test my anti virus with ?

i tried the eicar test which worked fine now i want to test the internet protection

also whens avast 5 coming out ? its meant to come with a firewall i cant wait ! lol

What other computer; what does it find; what is detecting it; if avast is it exactly the same page being detected; as you can see your question isn’t a simple one to answer without full information.

Sites get infected, sites get cleaned up, that is a fact of life as they are now a big target:

• See http://www.scmagazineus.com/Every-36-seconds-a-website-is-infected/article/140414/.

avast 5 doesn’t come with a firewall, the avast Internet Suite a paid option comes with a firewall the stand alone avast 5 anti-virus will be essentially the same as now with some additions, but not a firewall.

well its reporting it now
file name : hxxp://www.megagames.com/hostPageScript.js
malware name : JS:ScriptDC-inf [Trj]
malware type : trojan horse

same thing but : hxxp://www.megagames.com/cracks/html/917350_0.htm

network shield : 15.01.2010 11:03:57 Network Shield: blocked access to malicious site wxw.cvskr.com/common.js [ C:\WINDOWS\system32\svchost.exe ( 1128 ) ]

You keep forgetting to modify the URLs to avoid exposure.

I got no alert initially as I have firefox and NoScript enabled so until I temporarily allow the site to run javascripts nada, do that and avast alerts. I don’t know if this might be why you have intermittent results.

Anyway I have sent the hostpagescript.js file to avast for further analysis, see image, as only avast and GData (uses avast as one of its two scanners) detect this in virustotal, http://www.virustotal.com/analisis/ac34c664597b826051d064a450572e415729898536cddbdb9e1e0a9ca219c3b3-1263514180.

hmm…

so i am ok yer ? theres nothing wrong right ?

I honestly don’t know as it requires further analysis, which I as an avast user like yourself can’t do.

The file that I sent was only one detection as the other one from your original link had more virustotal hits and that I didn’t send.