From: "Snag" <snag_one@msn.com>
| G. Morgan wrote:
>> Snag wrote:
>>
>>> Apparently not , it was caught and deleted by that "**** software"
>>> before it could deliver its payload . SM suggested it might have
>>> been one of the popup ads . Could be , I don't know or care , it got
>>> caught .
>>
>> /What/ got caught?
>>
>> Do a 'wget' on it, there is no malware there:
|
| I attempted to post the info from the message Avast! popped up , my OE
| refused to post . Here's a clipped part of what it said :
|
| Infection: win32:Alureon-APN [Trj]
|
| I tried to google for more info , couldn't find much but a log (several ,
| actually) of various AV programs catching it .
Alureon is another name for the TDSS RootKit with the present variant being
TDSS Level 4, aka; TDL4
That's associated with a trojan on the computer and not code on a web site
albeit a web site with malicious scripts can lead to this kind of malware.
I don't know what Avast is flagging. If I submit the web script to Virus
Total I get...
https://www.virustotal.com/file/7609...is/1327333728/
Avast doesn't flag it. Fortinet does as; JS/Obfuscus.AACB!tr
However I put the URL through a vulnerable SandBox's and nothing was seen to
be malicious.
--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp

