Avast WEBforum
Other => Viruses and worms => Topic started by: polonus on November 05, 2011, 03:31:14 PM
-
See: http://urlquery.net/report.php?id=7445
Found this: -xtraliteroofsystems.co.uk/templates/vanilla/warp/js/dropdownmenu.js suspicious
[suspicious:2] (ipaddr:-178.18.113.205) on -ds183125-1.lcndedicated.com
(script) - xtraliteroofsystems.co.uk/templates/vanilla/warp/js/dropdownmenu.js
http://www.google.com/safebrowsing/diagnostic?site=xtraliteroofsystems.co.uk
5 scripting exploits, 1 exploit.
same here: -lamborghiniclub.co.uk/media/system/js/caption.js suspicious
all due to maxruntime exceeded 10 seconds (incomplete) 0 bytes
The blacklisting could have been because of this one time malcious redirect:
-http://shdgul.xtraliteroofsystems.co.uk/pr/scrp.php via a hidden iFrame hack
pol
-
Blacklisted by who ?
Many blacklists are of historic data and are slow to remove from a blacklist.
-
Hi DavidR,
I checked this because I found it mentioned on a recent VirusWatch migration listing. That was from yesterday.
The malware landscape is an ever changing one. After reading the book Innocent Code recently, I became further convinced that the web has an innumerate number of vulnerable sites on it (meaning there is no scientific method to tackle this problem profoundly). So there is an enormous amount of scanning going on, together with the know how that brings, to make users more aware of the threats out there and help them towards better protection. But we still have a long, long way to go. I think it makes sense, else I would not be doing this here.
Then I have to say there is not an online scanner out there and there is a large scala of them that will give the ultimate final results. You have to combine the results of various scanners and sometimes have to go and have a look at the code itself residing there to give a reliable verdict of the actual situation and what might be out there.
Blacklists and web rep lists are hopeless resources i.m.h.o. Just look here.
Well, I compared these two lists and they come up with different results:
http://www.checksitesafe.com/site/xtraliteroofsystems.co.uk
This gives you 40 points more: http://www.webutation.net/go/review/xtraliteroofsystems.co.uk
I know that site has Joomla on it and therefore it is prone to Joomla vulnerabilities,
polonus
-
Hi DavidR,
You have to combine the results of various scanners and sometimes have to go and have a look at the code itself residing there to give a reliable verdict of the actual situation and what might be out there.
polonus
So true.We need an online(literally) service which is able AT LEAST to check for code changes etc.