3dgameman.com and Avast

12 replies [Last post]
Mon, 10/22/2012 - 18:08
limeDk
limeDk's picture
Offline
Joined: 04/22/2011
Posts: 124

hey my avast has just started to popup with something everytime i do something on 3dgameman.com and its the only site too do it on just wanted to know if anyone else got problems or if it's just me

Infection Details
URL: http://www.3dgameman.com/misc/jquery.js?...
Process: C:\Program Files (x86)\Mozilla Firefox\f...
Infection: JS:ScriptDC-inf [Trj]

Top
Mon, 10/22/2012 - 18:55
#1
3dGameMan
3dGameMan's picture
Offline
Joined: 12/31/2000
Posts: 4753

I'm ok, but I don't use Avast... Let us check it out..

Anyone else experiencing this?

Rodney Reynolds,
T-Shirts: http://www.3GM.tv/tshirts
Register: http://www.3dgameman.com/user/register

Top
Mon, 10/22/2012 - 19:24
#2
Administrator
Administrator's picture
Offline
Joined: 08/04/2009
Posts: 218

There's nothing wrong with that script. It's an open source jQuery script. There may have been a malware banner through the ad networks... I don't have anything to prove that though. LimeDK, it looks like your report had more added to the end of that .js file URL path... Can you provide that entire link? thanks!

Top
Mon, 10/22/2012 - 19:54
#3
spawnkiller
spawnkiller's picture
Offline
Joined: 05/06/2012
Posts: 307

No problem with mine too, tested with Comodo Dragon, Firefox, Chrome and IE on Comodo Antivirus/Firewall

Gaming PC: MSI Z77A-G45 ::: Intel Core I7 3770k @ 4.83Ghz ::: EVGA GTX680SC Signature ~1300mhz Boost/7122mhz ram ::: 16GB 4*4gb G.Skill 2240mhz CL10 ::: ASUS Xonar DX ::: Crucial M4 128gb (windows) + Intel 330 180gb (Steam games) + 1TB Caviar Black (storage) ::: Cooler Master Silent Pro Gold M1000 ::: Antec P280 ::: Noctua NHU12P SE2 ::: ASUS VE247H ::: Logitech G510 ::: Cooler Master Storm Sentinel II ::: Logitech X530 ::: Steelseries Siberia V-2 Black & gold edition

98% Of people under 25 surround their minds with rap music, if you're part of the 2% that stayed with rock, put this in your signature, ROCK IS BETTER!

Top
Mon, 10/22/2012 - 20:31
#4
limeDk
limeDk's picture
Offline
Joined: 04/22/2011
Posts: 124

heres a screen shot of everything http://imageshack.us/a/img5/4420/avastthing.png

Top
Mon, 10/22/2012 - 21:21
#5
spawnkiller
spawnkiller's picture
Offline
Joined: 05/06/2012
Posts: 307

I've just disaled my comodo and installed Avast and with google chrome, no problem but with Firefox and IE i get the same detection as you... don't know why Avast block that, i'll do my best to point out that sh** cause it's s**** when you can't join your favorite website ;)

Top
Tue, 10/23/2012 - 06:45
#6
AuraofVengeance
AuraofVengeance's picture
Offline
Joined: 03/16/2011
Posts: 8

I visited the site the past few days and around the time you made this post without avast tripping up. Just to let you know the script triggered an alert today. no biggie though :P

Top
Tue, 10/23/2012 - 07:05
#7
hellblazer55
hellblazer55's picture
Offline
Joined: 12/05/2008
Posts: 91

F-Secure caught that one on my end, so avast wasn't the only prog to catch that.

Rig| Coolermaster HAF X NVIDIA Edition | ASUS Sabertooth 990FX AMD AM3+ TUF Motherboard | AMD Phenom II 1100T Black Edition Six Core Processor -OC 4.23GHz | G.SKILL Ripjaws X F3 1866 8GB | Corsair Neutron GTX Series 2.5" Solid State Drive - 120GB | Western Digital Caviar Black Hard Drive - 1.0 TB x 2 | ASUS Blue Ray & DVD Multi | EVGA GeForce GTX 560 Superclocked Video Card - 2GB | Corsair Hydro H100 CPU Liquid Cooler | Corsair Professional HX1000W

Top
Tue, 10/23/2012 - 08:23
#8
Administrator
Administrator's picture
Offline
Joined: 08/04/2009
Posts: 218

This appears to be a trojan on the PC it'self that's trying to utilize the jQuery script to work as it's relay. I've uploaded the stock jQuery.js file and it's a perfect match.

The AV software you're using is alerting you to the fact that it's trying to access 3GM's jQuery. In the image provided, Avast is telling you FireFox is running the infection.

Top
Tue, 10/23/2012 - 09:55
#9
limeDk
limeDk's picture
Offline
Joined: 04/22/2011
Posts: 124

well its seems to be gone now but gonnna cheack my system for a virus

Top
Tue, 10/23/2012 - 10:20
#10
3dGameMan
3dGameMan's picture
Offline
Joined: 12/31/2000
Posts: 4753

Let us know.

Top
Tue, 10/23/2012 - 10:59
#11
limeDk
limeDk's picture
Offline
Joined: 04/22/2011
Posts: 124

well avast did not find at virus and it does not find anything when i go to 3dgameman.com so everything is fine now thanks for the help everybody (=

Top
Tue, 10/23/2012 - 15:04
#12
eire1274
eire1274's picture
Offline
Joined: 09/12/2003
Posts: 1040

Ran a full query with Kaspersky IS Enterprise 2013. No infection, though it sited the JavaScript as a "loose or exploitable code". It is possible an ad plug-in could have caused this, but I also agree that the most likely is a system app (trojan) that is using the script as a relay. I'd suggest updating to the latest Avast engine as well as updating the malware/virii database, do a FULL SYSTEM SCAN. I'd also recommend Malware Bytes or SuperAntiSpyWare (both are available for free) and do a full scan with those as well.

Nick McDermott

Top