3dgameman.com and Avast

12 replies [Last post]
limeDk
limeDk's picture
Offline
Joined: 04/22/2011
Posts: 124

hey my avast has just started to popup with something everytime i do something on 3dgameman.com and its the only site too do it on just wanted to know if anyone else got problems or if it's just me

Infection Details
URL: http://www.3dgameman.com/misc/jquery.js?...
Process: C:\Program Files (x86)\Mozilla Firefox\f...
Infection: JS:ScriptDC-inf [Trj]

3dGameMan
3dGameMan's picture
Offline
Joined: 12/31/2000
Posts: 5061

I'm ok, but I don't use Avast... Let us check it out..

Anyone else experiencing this?

Rodney Reynolds,
Register: http://www.3dgameman.com/user/register

Administrator
Administrator's picture
Offline
Joined: 08/04/2009
Posts: 220

There's nothing wrong with that script. It's an open source jQuery script. There may have been a malware banner through the ad networks... I don't have anything to prove that though. LimeDK, it looks like your report had more added to the end of that .js file URL path... Can you provide that entire link? thanks!

spawnkiller
spawnkiller's picture
Offline
Joined: 05/06/2012
Posts: 310

No problem with mine too, tested with Comodo Dragon, Firefox, Chrome and IE on Comodo Antivirus/Firewall

Gaming PC: MSI Z77A-G45 ::: Intel Core I7 3770k @ 4.83Ghz ::: EVGA GTX680SC Signature ~1300mhz Boost/7122mhz ram ::: 16GB 4*4gb G.Skill 2240mhz CL10 ::: ASUS Xonar DX ::: Crucial M4 128gb (windows) + Intel 330 180gb (Steam games) + 1TB Caviar Black (storage) ::: Cooler Master Silent Pro Gold M1000 ::: Antec P280 ::: Noctua NHU12P SE2 ::: ASUS VE247H ::: Logitech G510 ::: Cooler Master Storm Sentinel II ::: Logitech X530 ::: Steelseries Siberia V-2 Black & gold edition

98% Of people under 25 surround their minds with rap music, if you're part of the 2% that stayed with rock, put this in your signature, ROCK IS BETTER!

limeDk
limeDk's picture
Offline
Joined: 04/22/2011
Posts: 124

heres a screen shot of everything http://imageshack.us/a/img5/4420/avastthing.png

spawnkiller
spawnkiller's picture
Offline
Joined: 05/06/2012
Posts: 310

I've just disaled my comodo and installed Avast and with google chrome, no problem but with Firefox and IE i get the same detection as you... don't know why Avast block that, i'll do my best to point out that sh** cause it's s**** when you can't join your favorite website ;)

AuraofVengeance
AuraofVengeance's picture
Offline
Joined: 03/16/2011
Posts: 8

I visited the site the past few days and around the time you made this post without avast tripping up. Just to let you know the script triggered an alert today. no biggie though :P

hellblazer55
hellblazer55's picture
Offline
Joined: 12/05/2008
Posts: 91

F-Secure caught that one on my end, so avast wasn't the only prog to catch that.

Rig| Coolermaster HAF X NVIDIA Edition | ASUS Sabertooth 990FX AMD AM3+ TUF Motherboard | AMD Phenom II 1100T Black Edition Six Core Processor -OC 4.23GHz | G.SKILL Ripjaws X F3 1866 8GB | Corsair Neutron GTX Series 2.5" Solid State Drive - 120GB | Western Digital Caviar Black Hard Drive - 1.0 TB x 2 | ASUS Blue Ray & DVD Multi | EVGA GeForce GTX 560 Superclocked Video Card - 2GB | Corsair Hydro H100 CPU Liquid Cooler | Corsair Professional HX1000W

Administrator
Administrator's picture
Offline
Joined: 08/04/2009
Posts: 220

This appears to be a trojan on the PC it'self that's trying to utilize the jQuery script to work as it's relay. I've uploaded the stock jQuery.js file and it's a perfect match.

The AV software you're using is alerting you to the fact that it's trying to access 3GM's jQuery. In the image provided, Avast is telling you FireFox is running the infection.

limeDk
limeDk's picture
Offline
Joined: 04/22/2011
Posts: 124

well its seems to be gone now but gonnna cheack my system for a virus

3dGameMan
3dGameMan's picture
Offline
Joined: 12/31/2000
Posts: 5061

Let us know.

limeDk
limeDk's picture
Offline
Joined: 04/22/2011
Posts: 124

well avast did not find at virus and it does not find anything when i go to 3dgameman.com so everything is fine now thanks for the help everybody (=

eire1274
eire1274's picture
Offline
Joined: 09/12/2003
Posts: 1154

Ran a full query with Kaspersky IS Enterprise 2013. No infection, though it sited the JavaScript as a "loose or exploitable code". It is possible an ad plug-in could have caused this, but I also agree that the most likely is a system app (trojan) that is using the script as a relay. I'd suggest updating to the latest Avast engine as well as updating the malware/virii database, do a FULL SYSTEM SCAN. I'd also recommend Malware Bytes or SuperAntiSpyWare (both are available for free) and do a full scan with those as well.

Nick McDermott