Jump to content


Photo

Web Shield Gives False Positives?


  • Please log in to reply
6 replies to this topic

#1 YBS

YBS

    Godol Hador

  • Members
  • 3,813 posts

Posted 02 June 2009 - 05:05 PM

I use Avast, and this happens once in a while. I browse to a seemingly legitimate site, and it alerts me that it just stopped a trojan. If I abort the connection, I can't see the site. For example, this site ( http://www.yellowstonenationalpark.com ) seems like a perfectly normal informational website, but even its google-cached version triggers the trojan alert.

Would google be caching trojans?

Is this a false positive?
One for all, all for one!

I don't agree! I'm just lazy to type.

#2 Kalashnikover_Rebbe

Kalashnikover_Rebbe

    fine, nice looking, batampte Ben Torah

  • Members
  • 26,049 posts

Posted 02 June 2009 - 05:22 PM

http://double.boublebarelled.ws/FrMal

What is the current listing status for double.boublebarelled.ws?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 81 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-06-01, and the last time suspicious content was found on this site was on 2009-06-01.

Malicious software includes 69 trojan(s).

This site was hosted on 1 network(s) including AS16265 (LEASEWEB).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, double.boublebarelled.ws did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

Yes, this site has hosted malicious software over the past 90 days. It infected 341 domain(s), including tuzona0.com/, azzahfalakhder.com/, sandiegoesl.com/.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

* Return to the previous page.
* If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.
[/flirting]

#3 YBS

YBS

    Godol Hador

  • Members
  • 3,813 posts

Posted 02 June 2009 - 05:47 PM

http://double.boublebarelled.ws/FrMal

What is the current listing status for double.boublebarelled.ws?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.


How did you get this?
One for all, all for one!

I don't agree! I'm just lazy to type.

#4 Kalashnikover_Rebbe

Kalashnikover_Rebbe

    fine, nice looking, batampte Ben Torah

  • Members
  • 26,049 posts

Posted 02 June 2009 - 06:51 PM

How did you get this?

I looked through the source and didn't see anything. But then I remember that adblock gives a list of all the things on the page, and lo and behold it showed up as a tiny frame embedded in the page.......

BTW safari doesn't even let me go to that page and gives me a malware warning......
[/flirting]

#5 YBS

YBS

    Godol Hador

  • Members
  • 3,813 posts

Posted 02 June 2009 - 07:07 PM

I looked through the source and didn't see anything. But then I remember that adblock gives a list of all the things on the page, and lo and behold it showed up as a tiny frame embedded in the page.......

BTW safari doesn't even let me go to that page and gives me a malware warning......

Did your antivirus put up a fuss? Avast blocks the whole site, unless you explicitly agree to download the trojan. I aborted it, so I didn't even get to see the source. And adblock only shows a bunch of gifs and a couple of JS's coming from google. Are you sure you didn't download the trojan?
One for all, all for one!

I don't agree! I'm just lazy to type.

#6 Kalashnikover_Rebbe

Kalashnikover_Rebbe

    fine, nice looking, batampte Ben Torah

  • Members
  • 26,049 posts

Posted 02 June 2009 - 07:09 PM

Did your antivirus put up a fuss? Avast blocks the whole site, unless you explicitly agree to download the trojan. I aborted it, so I didn't even get to see the source. And adblock only shows a bunch of gifs and a couple of JS's coming from google. Are you sure you didn't download the trojan?

I don't HAVE an antivirus....
And I'm on a mac, I'm not overly concerned..... (it COULD be that firefox blocks that part automatically without saying anything, because when I try to load the site itself I get a malware warning, but the main site loads fine. Safari doen't want to load the page at all.)

ETA: I can't even load the site directly so it appears to have been taken down.....
[/flirting]

#7 Dan

Dan

    Rebbe

  • Members
  • 1,479 posts

Posted 03 June 2009 - 11:21 PM

JS:Bulered [Trj]
That's the alert I'm getting from Avast. Matches K_Rebs post.
כלל זה יהא נקוט בידך: מי שאינו רואה את המקום [=ה'] בכל מקום, אינו רואה בשום מקום
איפה נמצא אלוקים? בכל מקום שנותנים לו להיכנס
-Kotzker

נישט אלעס וואס מען טראכט דארף מען זאגען, נישט אלעס וואס מען זאגט דארף מען שרייבען, נישט אלעס וואס מען שרייבט דארף מען דרוקען און נישט אלעס וואס מען דרוקט דארף מען ליינען!
-R' Salanter

יש בן חורין שרוחו רוח של עבד, ויש עבד שרוחו מלאה חירות; הנאמן לעצמיותו בן חורין הוא, ומי שכל חייו הם רק במה שטוב ויפה בעיני אחרים הוא עבד
-R' Kook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users