Author Topic: URL:Mal y HTML:RedirME-inf FAKE??  (Read 58124 times)

0 Members and 1 Guest are viewing this topic.

4444

  • Guest
URL:Mal y HTML:RedirME-inf FAKE??
« on: April 01, 2012, 11:45:53 PM »
Hi to everyone..

Each time I enter at my myspace wabpage, avast detects and blocks those virus:

URL:Mal y HTML:RedirME-inf

My myspace webpage is:

hxxp://xxx.mysxxxpace.com/xxxxxxx

I tryed changing password, updating avast, and changing the code of the persolalizad widgets of the page, but AVAST keeps notifying about those virus. Im totally lost, any help?

___________

« Last Edit: April 05, 2012, 02:08:21 PM by 4444 »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37504
  • Not a avast user
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #1 on: April 01, 2012, 11:50:14 PM »
can you attach a screen shot of the avast warning ?



urlQuery - suspicious
http://urlquery.net/report.php?id=36831


wepawet list some redirects..
http://wepawet.iseclab.org/view.php?hash=3b77f4196c20617f5768b96bab505453&t=1333317231&type=js
« Last Edit: April 02, 2012, 12:02:38 AM by Pondus »

4444

  • Guest
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #2 on: April 02, 2012, 12:03:59 AM »


http://img21.imageshack.us/img21/3337/virus1j.jpg

ok, this is one, ill try to upload the other
« Last Edit: April 02, 2012, 12:06:08 AM by 4444 »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37504
  • Not a avast user
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #3 on: April 02, 2012, 12:10:01 AM »
you can attach them here....
crop the picture so we only see the avast warning..and attach here

see belowe the text box    "Attachments and other options"

4444

  • Guest
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #4 on: April 02, 2012, 12:11:46 AM »
OK here are both
« Last Edit: April 05, 2012, 02:08:47 PM by 4444 »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #5 on: April 02, 2012, 12:16:01 AM »
Get no avast alerts when opening in Google Chrome. Has that what is flagged been cleansed or does it no longer respond?
Get several  HTTP 1.1 302 Object moved i.e.  "response.redirect" on the requested page,

polonus
« Last Edit: April 02, 2012, 12:28:20 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

4444

  • Guest
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #6 on: April 02, 2012, 12:24:27 AM »
chrome works perfectly, no message opening other websites, is only each time I refresh my web: hxxp://xxxx.myxxxxce.com/xxxxxxx

the second part of your question i dont understand it, after each alert everything works fine, AVAST seem to just block those virus, nothing more, my computer seem to work well..

is that answering?

also, I have done an AVAST  full system scan and my computer dont seem to be infected
« Last Edit: April 05, 2012, 02:09:17 PM by 4444 »

4444

  • Guest
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #7 on: April 02, 2012, 12:30:05 AM »
Also, I have to say that I have seen AVAST virus alerts in others myspace profiles, but NEVER in mine. Untill now

Dont remember the virus of the other profiles. Is it a fake alarm?

« Last Edit: April 02, 2012, 12:41:16 AM by 4444 »

4444

  • Guest
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #8 on: April 02, 2012, 12:32:36 AM »
Quote
Get no avast alerts when opening in Google Chrome.

do you mean that you dont have the AVAST popup message entering in the web?

Should I reinstallo AVAST?

adotd

  • Guest
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #9 on: April 02, 2012, 12:32:52 AM »
i know that im not allowed to post in here

polonus

 
Quote
hxxxp://b.s/***************or**************earch.com/

ROGUE SECURITY SCANNER
   
read that m8

hxxxp://www.urlvoid.com/scan/scor********************.com/

I WOULD HAVE SENT IT BY PM BUT I CANT
« Last Edit: April 02, 2012, 03:32:51 PM by adotd »

4444

  • Guest
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #10 on: April 02, 2012, 12:46:20 AM »
can you attach a screen shot of the avast warning ?



urlQuery - suspicious
http://urlquery.net/report.php?id=36831


wepawet list some redirects..
http://wepawet.iseclab.org/view.php?hash=3b77f4196c20617f5768b96bab505453&t=1333317231&type=js

hxxxp://b.scorecardresearch.com/beacon.js


Sorry for my ignorance, but those links say nothing to me or very few..

Doctor? how do I solve my problem.. Do I have a problem?

THANKS ALOT
« Last Edit: April 02, 2012, 12:48:31 AM by 4444 »

adotd

  • Guest
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #11 on: April 02, 2012, 12:56:45 AM »
Please hold on, im trying to get someone to help you. 8)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #12 on: April 02, 2012, 01:03:03 AM »
@adotd,

Here you may participate, because it is not about giving advice for qualified malware removal. And you are not hindering a qualified malware routine.
What you come up with  is a privacy risk for a particular subdomain found there, that is flagged, but they say it is currently found safe. Good observation, as it is tracker script, and benign as far as we can establish here: http://zulu.zscaler.com/submission/show/95f6e60bcecfc453edd2f9bea7f3e8c9-1333320107
The BrightCloude index score is green 88 for the IP, that means "There is a very low probability that the user will be exposed to malicious links or payloads",

@4444
I found the vulnerability via Chrome PasswordFail extension and this is valid:

And this was a  problem: This website send passwords in clear text upon request
NAME   MySpace
TYPE   Social Network
STATUS   Insecure
REPORTED BY   sondreb
REPORTED DATE   Saturday, September 12, 2009
LAST UPDATED DATE   Saturday, September 12, 2009

And we have this report: http://www.google.com/safebrowsing/diagnostic?site=www.msplinks.com
See: http://www.unmaskparasites.com/web-page-options/?   3 exploits), 1 scripting exploit:
url=hxtp//www.msplinks.com/MDVodHRwOi8vd3d3LmJsZWVwaW5nY29tcHV0ZXIuY29tL2ZvcnVtcy90b3BpYzM5MDU0MC5odG1s%3Ft%3Dq0iUWTbWPeWgQTnFXorIMYqhYNULQkEFV7OeQS8S14zsRvDdKxEhjSKIX0QvOSGMRDuJkq9125ByyjJE-DxxlQ (no longer responding - was discussed at bleeping computer...)

polonus
« Last Edit: April 02, 2012, 01:11:42 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

adotd

  • Guest
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #13 on: April 02, 2012, 01:08:47 AM »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: URL:Mal y HTML:RedirME-inf FAKE??
« Reply #14 on: April 02, 2012, 01:17:19 AM »
That says currently safe. But it could also be the OP has something on his puter and then he has to go here: http://forum.avast.com/index.php?topic=53253.0
and we must leave it to the qualified malware removal experts,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!