×
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
tomg
Former Member
Message 1 of 4

Blocked Threat File Through Website

Hi,

I am currently using another A/V which came with my system  but I am thinking of switching over to McAfee. 

Whenever I  try logging on to FixCleaner.com to refer to my FixCleaner program I get a red Threat Found warning with the file HTML/scrInject.B Gen Virus listed.  On the top of the home page McAfee Security is credited as insuring that the site has been tested that day and is secure.

I contacted the FixCleaner vendor and they assure me the site is fine and that the warning is a "False Positive" being detected by my A/V.  Sure enough, when I go to the site with my laptop computer at work it opens fine with no warning. This computer has the companies A/V.  I trust that I am on safe grounds with my home system due to the McAfee assurance logo.  Can anyone tell me what this "False Positive" is? I simply quarantned the file but if I open the website again I will get the same message.   Thanks,    Tom

Message was edited by: tomg on 3/15/12 6:23:28 PM CDT
3 Replies
exbrit
MVP
MVP
Message 2 of 4

Re: Blocked Threat File Through Website

Moved this to SiteAdvisor.   Both SiteAdvisor and an independent website rating by WoT label the website as safe and give it a green light.   I'm not sure what your A/V is detecting or why but perhaps you should be asking them to investigate.

As far as the software advertised there, I don't personally recommend it, but it's your choice of course.

PC optimizers and registry cleaners all boast marvelous improvements in computer speed etc. and what they don't tell you is that they often clean out good stuff along with the bad, causing malfunctions.

No antivirus is perfect in any case and it's always wise to carry7 something extra in the way of anti-malware tools.

I list a few here under 'Free 3rd Party Tools':  https://community.mcafee.com/docs/DOC-2168

By the way, I got no warnings or anything else untoward by visiting that site.

.

Message was edited by: Ex_Brit on 15/03/12 8:52:39 EDT PM
Hayton
Reliable Contributor
Reliable Contributor
Message 3 of 4

Re: Blocked Threat File Through Website

You must be using ESET, as that is the name they give to "Trojan:JS/BlacoleRef.A" (Microsoft's name for it).

See http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AJS%2FBlacoleRe...

Trojan:JS/BlacoleRef.A is a JavaScript trojan that modifies webpages by inserting malicious iFrames into HTML pages


The trojan may be installed by other malware.

Trojan:JS/BlacoleRef.A inserts iFrames directing users to malicious webpages into HTML pages, in an effort to entice users into visit these compromised sites.


There are no common symptoms associated with this threat - links are activated within IFrames while viewing web content on maliciously modified pages. Alert notifications from installed antivirus software may be the only symptoms.

(Peter, I should run a Malwarebytes scan. That seems to pick it up, according to the usual sources at BleepingComputer. It modifies registry keys and values.)

The site may well have been clean when McAfee tested it, and it may well be clean now. But if it was modified by the above Trojan then for a while at least visiting it could have been risky - but only if you had clicked on any of the links on the webpage. If not, you wouldn't necessarily have noticed anything different, or suffered any ill-effects on your PC.

I've checked the site with Sucuri and also checked its status in Trustedsource and Google Safe Browsing and a few other tools and none of them report any problems. It could indeed be a false positive from your AV program. But, to be on the safe side, you could upload that quarantined file to VirusTotal.com and see how many AV vendors flag it as suspicious.

However.

The reviews of FixCleaner.com on SiteAdvisor and WOT are mixed. Many reviewers give FixCleaner the thumbs down. And you are not the first to see a warning about the site.

fixcleaner.com - WOT Reputation Scorecard - WOT (Web of Trust).png

Message was edited by: Hayton on 16/03/12 01:51:08 GMT
exbrit
MVP
MVP
Message 4 of 4

Re: Blocked Threat File Through Website

I didn't click anything, just visited it.  My PC is asleep now and am watching TV, using my iPad2 to respond. But thanks for the recommendation and will do a quick scan in the morning.

How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community