Hi malware fighters,
ad.afy11.net
Domain Hash 500182070249821b725ef7e84052a682
IP Address 74.117.196.102 [SCAN]
IP Hostname -
IP Country US (United States)
AS Number 2762
AS Name ADIFY-1 - ADIFY CORPORATION
Detections 4 / 19 (21 %)
Status DANGEROUS
What is being found there?
Threats found: JS.Exception.Exploit
File name: c:\documents and settings\user\local settings\temporary internet files\content.ie5\jhzq3mya\al-hadidi.8m[1].htm
Location: htxp://ad.afy11.net/ad?asId=1000001009507&sd=2x160x600&ct=15&enc=0&sf=0&sfd=0&ynw=0&anw=1&rand=11610694&rk1=25747710&rk2=1275243626.196&pt=0&trl=http%3A%2F%2Fa.rfihub.com%2Facs%2F116_0_YWE9ODQ3MiwzNjIyMSw2NzQ5LDEyNjc4LDc1OSwzNjQ5LDdNdjhuMU1zUEx6aSxwLDQ2MywxMDgwLDczOTcsODM3LDUzMjImcmI9NDQ1JnJlPTEyMTM3
Re:
http://hosts-file.net/?s=ad.afy11.nethtxp://ad.afy11.net/srad.js?azId=938840
JS.Exception, a.ka. HTML.VmExploit, a.k.a. JS/Exploit, is not a virus, but rather an exploit that takes advantage of a security vulnerability in Microsoft's Internet Explorer. This vulnerability can also carry over to Outlook and Outlook Express, and any other mail client that uses Internet Explorer to render html email messages. There are many known exploits involving this vulnerability. The most common variety changes the user's default home or search page.
About the exploit:
http://antivirus.about.com/od/virusdescriptions/a/jsexception.htmpolonus
