The file needs to be saved with UNIX (0A) Line endings and the two blank lines at the end need to be present for detection.
Filesize: 393 bytes
Is this a false alert or are any of the sites malicious? Why is the virus scanner putting up an alert? Was it the Heuristics? Because I have those set to OFF.
This is just a question out of curiosity.
PLEASE DO NOT VISIT those URLs with your browser unless you are using a Sandbox or know what you are doing. Just because I couldn’t find malicious behavior doesn’t mean it is clean.
If there is any background information about the maliciousness of the code I would be happy to hear about it. I like to stay up-to-date on web security.
The site where I encountered this in an IFRAME does no longer seem to have it online.
This is to inform you that false-positive has been fixed.
You can update to AV database Version <11151> of Comodo Internet Security Version<5.9.219863.2196> and confirm it.
Confirmed, the file is no longer detected. Question is, was it malicious in the first place?
Also in my opinion the detection of the file in the browser cache will not prevent display of the web page in most browsers, so this is more an “after-infection/execution-cleanup” operation. Or am I wrong?
Thank you for your quick response, that is why Comodo rocks.
@HeffeD: I see your point, although the link was not clickable it was potentially dangerous.