Avast WEBforum

Other => Viruses and worms => Topic started by: over on April 15, 2012, 12:39:25 AM

Title: Need to remove shemybiseropletenija.ru site from the black list of Avast
Post by: over on April 15, 2012, 12:39:25 AM

Hi everyone!
My site hxxp://shemybiseropletenija.ru is now blocked by Avast antivirus, and all checks shows me that everything is okay and there is no viruses on the site. Please check it ones more and help me with my site!

Title: Re: Need to remove shemybiseropletenija.ru site from the black list of Avast
Post by: polonus on April 15, 2012, 12:42:37 AM

Break that link to live malware. Site has a trojan: http://zulu.zscaler.com/submission/show/fe5390be4897f44ebcdcda8dcbc65f0d-1334443286

polonus

Title: Re: Need to remove shemybiseropletenija.ru site from the black list of Avast
Post by: !Donovan on April 15, 2012, 12:56:35 AM

Sucuri: http://sitecheck.sucuri.net/results/shemybiseropletenija.ru

See attachment #1 for the line the malware is on. See attachment #2 for deobfuscation results.

This common malware checks for the site used to get to your site. Based on the results it, will either redirect or do null.

Title: Re: Need to remove shemybiseropletenija.ru site from the black list of Avast
Post by: Pondus on April 15, 2012, 01:48:50 AM

jotti
http://virusscan.jotti.org/en/scanresult/c4b54e0135658fb75ab2bd8eabf0c8077a3ae473

VirusTotal
https://www.virustotal.com/file/621933fe1ecc7b4d4501d140d089ff71ce02c7cf92c65cd26b2ed479104c199a/analysis/1334447148/