Community Gallery website - malicious code?


#1

My Avast software found malicious code when I clicked on the link of the Accurate Building Inspections website in the Community Gallery. I’m not that savvy with virus software so not sure why this happened but thought I’d report it since I’ve not seen it before. http://rapidweavercommunity.com/gallery/accurate-building-inspections Maybe someone can tell me why the site/code was flagged?

The message:
Infection detected!


The requested URL contains malicious code that can damage your computer. If you want to access the URL anyway, turn off the Avast web shield and try it again.
Infection type: URL:Mal


(William Davis) #2

My guess is that because the site’s protocol is “HTTP” and not “HTTPS”, Avast is warning you that whatever information you are exchanging will be easily intercepted by hackers. By having the prefix “HTTPS”, the site’s connection will ensure the security of heavy transactions (such as a $400 Building & Pest Report).


#3

@theMountainMoves I visit many sites that do not have https and I have never got that warning. Strange.


(Doug Bennett) #4

I got the same thing! This is not due to http vs https.


(William Davis) #5

http://quttera.com/detailed_report/www.buildingreport.net

A quick scan of the site reveals that there is only one “Potentially Suspicious File”, and judging from the code structure, it’s cosmetic-based. I wouldn’t really warrant this as malicious; although it’s interesting how Avast concluded it to be just that. :cold_sweat:


(Christopher Watson) #6

This is my site…

Made with foundation and a few other pretty basic stacks. Nothing out of the ordinary…
Not sure what it could be…
Interesting though…


(William Davis) #7

That is highly unusual…


(Doug Bennett) #8

I don’t know what is causing this but I wonder what other malware software would do.

I’ve been learning foundation so I have tried a number of sites out that use that, aslo have armadillo mentioned in use in the gallery, it should be clean.

@bitbumpy what else might you be using?
Just thinking something is setting it off, don’t know how windows antiVirus like Norton would react.


(William Davis) #9

Can Avast make exceptions to blocking certain sites?


(Doug Bennett) #10

I don’t think so… it’s an all or nothing thing, It is free so not real feature packed. I know a lot of MAC users don’t have anything. I don’t really need to see this site just wanted to check it out, but if the real customers get a message like that it would not be good for site traffic.


(Christopher Watson) #11

@teefers besides foundation and armadillo, the stacks used are:

Image List by doobox (old version) and;
PayPalStack by Bryn Owen Design (this is only on the paypal receipt page)

Thats it. No extra code or anything…


#12

Yes, I guess that would be my concern as a site creator. I wouldn’t want any user getting such a message, and then assuming that the site code has malware or a virus in it. I certainly wouldn’t expect this from Rapidweaver code, which is why this is so strange. @bitbumpy I hope you find out what’s creating the flag.


(Joe Workman) #13

I find it suspicious that they do not tell you what the problem is. You have to download their utility and run a scan. I smell bullshit… Why do you even have this installed?


(Doug Bennett) #14

I think I say it in a MacWorld article. Coming from companies that used Windows (years working in IT) when I switched to MAC was looking for malWare prtection. Had it on multiple MAC’s for a least a couple of years, and it other then an daily virus def update kind of forgot it was there. Doesn’t POP up often.


#15

Good to know @joeworkman, that Avast is not doing what it’s purported to do. I imagine I’m not the only one running this software in the background. I have Avast running to alert me about malware. I’m guess you don’t think it’s a valuable piece of software?


(Butternut Squash) #16

Not only Avast, but Avira as well.


(David) #17

Don’t feel bad, you’re in good company. It seems like they’ll find something on most sites. In Realmacs case it was a .js file.


#18

Thanks for the information. Always learning!


(Butternut Squash) #19

It seems like they’ll find something on most sites.

It is gratifying to hear that that this is probably not serious, but it is nevertheless the very first time I have ever seen that error message anywhere.

And so I would have to disagree. It is absolutely not an issue on most sites. Not at all.


(Peter Danckwerts) #20

It is very worrying that some people may be losing many potential visitors just because of phoney malware warnings.