Author Topic: Virus Warrnings  (Read 5252 times)

0 Members and 1 Guest are viewing this topic.

WLDCU

  • Guest
Virus Warrnings
« on: July 15, 2009, 11:15:37 PM »
Is there a way of customizing avast alerts so that they will give me more information and details?

I got this from one of our Terminal Servers:

avast! [server name]: File "hXXp://members.lycos.nl/lakod/menu.js" is infected by "JS:Redirector-F [Trj]" virus.
"Resident protection (Web Shield)" task used
Version of current VPS file is 090715-0, 07/15/2009


It does not tell me who the user was, nor if it was able to quarantine or delete the file. If there is a way of customizing alerts and having it give additional information like user, action taken, etc., where do I do that in ADNM?

Thanks.
« Last Edit: July 16, 2009, 06:46:44 PM by WLDCU »

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86132
  • No support PMs thanks
Re: Virus Warrnings
« Reply #1 on: July 16, 2009, 01:31:58 AM »
Sorry I don't use the server version so can't address those issues.

However, the JS:Redirector-F malware is an indication that that members.lycos site has been hacked to redirect to a malicious site or run code from that site. The web shied would block that from happening, giving the user only one option 'Abort Connection,' which would drop the infected file stopping it being run. So the fire as such shouldn't have got on the system to be either quarantined or deleted by the user.

Please 'modify' your post change the URL from http to hXXp or www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.11.2500 (build 21.11.6809.528) UI 1.0.683/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33450
  • malware fighter
Re: Virus Warrnings
« Reply #2 on: July 16, 2009, 01:53:48 AM »
Hi WDLCU & DavidR,

1 hidden external link found.
Code: [Select]
EDITED A> hidden ?" target="_blank"> - http://ad.de.doubleclick.net/jump/cd.tripod-test_DE/_default;sz=728x90;ord=<?php echo time(); ?^?
<
Scriptlink http://ad.de.doubleclick.net/adj/cd.tripod-.....test_DE/_default;sz=728x90;ord=17858b96

2 suspicious inline scripts found:
Script outside of <HTML>..
Code: [Select]
.</HTML> block
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.")
Script outside of <HTML>...</HTML> block
Code: [Select]
try {
var pageTracker = _gat._getTracker("UA-7539432-11");
pageTracker._trackPageview();
} catch(er...
Malicious software includes 2140 scripting exploit(s), 231 trojan(s), 11 exploit(s). Successful infection resulted in an average of 3 new process(es) on the target machine.

Malcode is being hosted on 275 domains, e.g. onlyfind.net/, online-life.org/, soft-cheap.com/.

77 domains seem to function as intermediaries for spreading malware to visitors of mentioned site, e.g. onlyfind.net/, soft-cheap.com/, online-life.org/.

This site was hosted on 2 network(s) including AS25074 (INETBONE), AS15169 (GOOGLE).

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

WLDCU

  • Guest
Re: Virus Warrnings
« Reply #3 on: July 16, 2009, 06:49:59 PM »
Thanks for the reply guys.

Can some one answer me if there is a way of customizing Alerts in ADNM and if so how it's done?

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86132
  • No support PMs thanks
Re: Virus Warrnings
« Reply #4 on: July 16, 2009, 07:13:57 PM »
Sorry, as I said I don't use the server version, nor do I use ADNM, so can't address those issues.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.11.2500 (build 21.11.6809.528) UI 1.0.683/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

oscarenzo

  • Guest
Re: Virus Warrnings
« Reply #5 on: August 30, 2009, 07:04:55 PM »
Hi, how i can configure the avast alert's, i've a avast for linux server, run on centOS