Author Topic: sTRange warning from avast (Read 3256 times)

REDACTED · « **on:** August 17, 2014, 09:59:38 AM »

I have had a warning from Avast that a URL I clicked on contains a trojan.
I e mailed the owner who has checked the code and found nothing .
He checked the URL I e mailed him and he found nothing, even with Avast.
I have scanned my mail folder which included his e mail and the URL and Avast found nothing.
Any explanation???

Edit.
This is the website:

http://www.minster-in-thanet.org.uk/whatson.shtml

Click on Village calendar and this is what I get:

Infection detected!

http://www.minstercalendar.co.uk/

The requested URL contains malicious code that can damage your computer. If you want to access the URL anyway, turn off the avast! web shield and try it again.

Infection type: JS ;Decode-BDM [Trj]

The smilie doesn't appear on the avast warning, it replaces a D when I send to Sheffield Forum
Is it my iMac??

Asyn · « **Reply #1 on:** August 17, 2014, 10:05:58 AM »

-> http://sitecheck.sucuri.net/results/www.minstercalendar.co.uk/

specimen9999 · « **Reply #2 on:** August 17, 2014, 04:28:46 PM »

It means that scanner detected a malicious file coming from that site, it might be a false positive. As Asyn noted, the site seems to be indeed compromised. The owner of the site seems to be unaware of this and he should contact some professional service to audit the site if he's not able to do it.

Note: I didn't click the links so I don't know if I get the same response, likely I will, but as a rule of thumb I don't click links that have already been flagged as carrying malicious code. I would only run it in a separate virtual machine.

Another report for that site, also reports a trojan: http://app.webinspector.com/public/reports/24265904

You should show these reports to the site owner.

REDACTED · « **Reply #3 on:** August 18, 2014, 08:49:39 AM »

Bump.

specimen9999 · « **Reply #4 on:** August 18, 2014, 01:44:54 PM »

Quote from: SafeSurf on August 18, 2014, 08:49:39 AM

@ specimen9999,

You can continue with the OP in assisting him with removing his malware or referring him elsewhere (like GTG) as we discussed or ask a Mod. to assist you. Thank you.

I'm sorry, I think you didn't understand my last pm. I didn't agree on anything you said, which was that I would be responsible for the Mac forum (!?). I don't work for avast! nor I recognized any authority in yourself that would make me abide. I've consulted both with forum mods and uber evangelists.

I'm writing this publicly because you are giving me, what appears to be orders, publicly, you also seem to have ignored my PM.

Pondus · « **Reply #5 on:** August 18, 2014, 04:59:30 PM »

Quote

@ specimen9999,

You can continue with the OP in assisting him with removing his malware or referring him elsewhere (like GTG) as we discussed or ask a Mod. to assist you. Thank you.

He cant do that SafeSurf as the problem is on the website ..... not in the computer

and this is the info given from Sucuri http://labs.sucuri.net/db/malware/php-error-fatal-error

REDACTED · « **Reply #6 on:** August 18, 2014, 09:17:33 PM »

@ Pondus,

Understand. I have edited my post so as not to confuse the OP. Thank you.

specimen9999 · « **Reply #7 on:** August 18, 2014, 09:39:09 PM »

@SafeSurf

The part in your post about changing malware links to hxxp so people don't accidentally click them was actually useful.

Author Topic: sTRange warning from avast (Read 3256 times)

REDACTED

sTRange warning from avast

Asyn

Re: sTRange warning from avast

specimen9999

Re: sTRange warning from avast

REDACTED

Re: sTRange warning from avast

specimen9999

Re: sTRange warning from avast

Pondus

Re: sTRange warning from avast

REDACTED

Re: sTRange warning from avast

specimen9999

Re: sTRange warning from avast