Author Topic: Avast is dectecting Pandanda contact form as malware [Resolved]  (Read 7309 times)

0 Members and 1 Guest are viewing this topic.

Offline Coolmario88

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1552
  • Bronies make the web go round
Hello Avast is dectecting pandanda contact form as malware is it a false alert or something here is a picture i uploaded hxxp://twitpic.com/26bujy/full
« Last Edit: July 20, 2010, 10:42:11 AM by Coolmario88cp »
OS: Windows 10 64-bit
Webbrowser: Mozilla Firefox

Offline Coolmario88

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1552
  • Bronies make the web go round
Re: Avast is dectecting Pandanda contact form as malware
« Reply #1 on: July 20, 2010, 04:30:48 AM »
 ??? hello i asked is this a false alert or something but nobody replied to it  :'(
OS: Windows 10 64-bit
Webbrowser: Mozilla Firefox

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 84788
  • No support PMs thanks
Re: Avast is dectecting Pandanda contact form as malware
« Reply #2 on: July 20, 2010, 05:00:13 AM »
Yes you did, but I don't believe any of those viewing it have any idea what this is.

Generally I don't visit off-forum sources to view images. Images can be posted in the topic with the link to any image sharing resource or attached to the actual post. When attaching images (additional options in the Reply to post) try cropping the image to only that necessary to make the point and using the .gif image format also keeps the image file size down for us poor saps stuck on dial-up.

That way anyone who may be able to help doesn't have to work outside of the topic, it just makes it easier, see image1 attachment. What would have made it even easier would have to have been to post the URL with the
http part changed to hXXp to break the suspect link to avoid accidental exposure.

The web shield has been very accurate on such detections in the past.

The upshot of all this is that this form has been hacked (image2) trying to run a script on what would appear to be a malicious site (image3) and it may well be that other parts of the site have also been hacked. Also see info on the redirect site http://www.mywot.com/en/scorecard/kdjkfjskdfjlskdjf.com.

By providing this information in the post to start with would have guaranteed a response fairly quickly as it is it has taken me over 20 minutes to extract the information and investigate it.

So it is no false positive and avast isn't alone in this detection, http://www.virustotal.com/analisis/0e57550c68731abf8263d5d48c5f4ceb3e58f38b3f2e02e80154495a413811cc-1279594335

That's me for the night, after 4am here.
« Last Edit: July 20, 2010, 05:04:43 AM by DavidR »
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline SafeSurf

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5198
Re: Avast is dectecting Pandanda contact form as malware
« Reply #3 on: July 20, 2010, 10:32:03 AM »
Coolmario88cp,

Please change the link you put in your first post from http to hXXp so that others cannot click on it and get infected since this is a malware site.

If you feel that your issue is now resolved/fixed, please go back to the open post in this topic, click the modify button in that Post and change the title/subject, add [Resolved] to the beginning of the title.

If you feel that you need assistance with malware removal, please post in the Virus/Worms section of the forum.  Thank you.
Mac 10.9.4 /Safari and Firefox (NoScript/AdBlockPlus/BetterPrivacy/Ghostey)/
Vista Home Prem (same add-on's)/Avast Free/Online Armor Premium Firewall/MBAM Premium)/ Mobile MBAM.

Offline Coolmario88

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1552
  • Bronies make the web go round
Re: Avast is dectecting Pandanda contact form as malware
« Reply #4 on: July 20, 2010, 10:34:43 AM »
OMG i didn't know that is the website pandanda safe itself or is it just the contact form?  and thank you for helping
OS: Windows 10 64-bit
Webbrowser: Mozilla Firefox

Offline Coolmario88

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1552
  • Bronies make the web go round
Re: Avast is dectecting Pandanda contact form as malware
« Reply #5 on: July 20, 2010, 10:35:52 AM »
Coolmario88cp,

Please change the link you put in your first post from http to hXXp so that others cannot click on it and get infected since this is a malware site.

If you feel that your issue is now resolved/fixed, please go back to the open post in this topic, click the modify button in that Post and change the title/subject, add [Resolved] to the beginning of the title.

If you feel that you need assistance with malware removal, please post in the Virus/Worms section of the forum.  Thank you.
i don't know how to. but you maybe know so how do i
OS: Windows 10 64-bit
Webbrowser: Mozilla Firefox

Offline SafeSurf

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5198
Re: Avast is dectecting Pandanda contact form as malware
« Reply #6 on: July 20, 2010, 10:40:29 AM »
Only you can do it since you made the post.  Go back to your original post and click on "Modify" (top right corner).  Then change the http to hXXp.  Then go to the bottom of the page and "Save."
Mac 10.9.4 /Safari and Firefox (NoScript/AdBlockPlus/BetterPrivacy/Ghostey)/
Vista Home Prem (same add-on's)/Avast Free/Online Armor Premium Firewall/MBAM Premium)/ Mobile MBAM.

Offline Coolmario88

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1552
  • Bronies make the web go round
Re: Avast is dectecting Pandanda contact form as malware [Resolved]
« Reply #7 on: July 20, 2010, 10:50:05 AM »
before i get off online i have a question if avast blocked that contact form i shouldnt have malware on my computer from it should i?
OS: Windows 10 64-bit
Webbrowser: Mozilla Firefox

Offline SafeSurf

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5198
Re: Avast is dectecting Pandanda contact form as malware [Resolved]
« Reply #8 on: July 20, 2010, 10:56:57 AM »
Shouldn't....but no software is 100%.  I, and many others believe in a layered line of security defense, so I recommend using an on-demand malware scanner as a "just in case."

First, did you run a Full Scan and a Boot-time scan with Avast?  They will take a while but allow any infection to go into the Virus Chest.  Make sure your Avast definitions are up to date prior to running the scans.

For an on-demand scanner, check your computer for malware with Malwarebytes’ Anti-Malware (MBAM).
·   Download free http://www.malwarebytes.org/ for an on-demand scanner.
·   Double Click mbam-setup.exe to install the application.
·   After install, click update so you have latest database before scanning.
·   Under Settings:
o   General: Automatically Save File After Scan Completes is checked off
o   Scanner SettingsCheck all boxes
o   Updater: Download and install update if available is checked off
·   Once the program has loaded, select "Perform FULL Scan", then click Scan.
·   The scan may take some time to finish, so please be patient.
·   When the disinfection scan is complete, a log will appear in Notepad and you may be prompted to Restart. (See Extra Note).
·   Click the “remove selected” button to quarantine anything found.  You will find the infection details under the Quarantine tab.
·   The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
·   Copy & Paste the entire report in your next reply if anything positive comes up.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts -- Click OK to either and let MBAM proceed with the disinfection process; If asked to restart the computer, please do so immediately.


 

Mac 10.9.4 /Safari and Firefox (NoScript/AdBlockPlus/BetterPrivacy/Ghostey)/
Vista Home Prem (same add-on's)/Avast Free/Online Armor Premium Firewall/MBAM Premium)/ Mobile MBAM.

Offline SafeSurf

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5198
Re: Avast is dectecting Pandanda contact form as malware [Resolved]
« Reply #9 on: July 20, 2010, 11:00:13 AM »
If Avast blocked you from entering the site, you should be fine.  But the suggestions I gave you are something you should do to make sure you are clean, but not something you need to do right now...just to clarify.
Mac 10.9.4 /Safari and Firefox (NoScript/AdBlockPlus/BetterPrivacy/Ghostey)/
Vista Home Prem (same add-on's)/Avast Free/Online Armor Premium Firewall/MBAM Premium)/ Mobile MBAM.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 70052
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Avast is dectecting Pandanda contact form as malware
« Reply #10 on: July 20, 2010, 12:26:24 PM »
OMG i didn't know that is the website pandanda safe itself or is it just the contact form?  and thank you for helping

Seems only to be the form. (See report)
You should inform the webmaster about it.
asyn


Report    2010-07-20 12:19:31 (GMT 1)
Website    pandanda.com
Domain Hash    541672c70443d12ecf91248fb3e06865
IP Address    72.167.131.2 [SCAN]
IP Hostname    p3slh151.shr.phx3.secureserver.net
IP Country    US (United States)
AS Number    26496
AS Name    PAH-INC - GoDaddy.com, Inc.
Detections    0 / 17 (0 %)
Status    CLEAN

Win 8.1 [x64] - Avast PremSec 21.3.2459.BUC [UI.612] - EEK - Firefox ESR 78.10 [NS/uBO/PB] - TB 78.10
Avast-Tools: Secure Browser 90.0 - Cleanup 21.1 - SecureLine 5.11 - Driver Updater 21.1 - CCleaner 5.78
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Coolmario88

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1552
  • Bronies make the web go round
Re: Avast is dectecting Pandanda contact form as malware [Resolved]
« Reply #11 on: July 21, 2010, 11:27:24 PM »
 :) i told pandanda to check there html script and they told me they found the malware in it that avast was dectecting and now its fixed i even tested it :)
OS: Windows 10 64-bit
Webbrowser: Mozilla Firefox

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 84788
  • No support PMs thanks
Re: Avast is dectecting Pandanda contact form as malware [Resolved]
« Reply #12 on: July 21, 2010, 11:38:55 PM »
Fixed is fine, but if they only remove the injected script tab in the hacked page and fail to find out why they were hacked (vulnerable software being exploited) then there is every likelihood that it could be back.
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 21.3.2459 (build 21.3.6164.561) UI 1.0.609/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security