« previous next »
Pages: [1]   Go Down

Author Topic: This site now clean or still infecting with W32.Ramnit!inf?  (Read 1858 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33925
  • malware fighter
This site now clean or still infecting with W32.Ramnit!inf?
« on: August 22, 2012, 10:44:32 PM »
Here given as benign: http://zulu.zscaler.com/submission/show/02475e501d3931771137fc4c2491d3bb-1345667065
See: http://safeweb.norton.com/report/show?name=libranetwork.com  Threat W32.Ramnit!inf
Flagged here: http://urlquery.net/report.php?id=141890
Site flagged by Bitdefender's TrafficLight
http://wepawet.cs.ucsb.edu/view.php?hash=4fa107b3fb6c359bc4f95d1030a35cce&t=1345667868&type=js

polonus

IP adress reserved traced back to ISP: Hetzner Online AG RZ as static.0.0.9.5.clients.your-server.de
DTD/xhtml1-transitional.dtd ....
« Last Edit: August 22, 2012, 10:56:51 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33925
  • malware fighter
Re: This site now clean or still infecting with W32.Ramnit!inf?
« Reply #1 on: August 22, 2012, 11:03:06 PM »
Hi folks,

Also see connection with this reserved site and this site (hitfar, dot com) : http://www.mywot.com/en/scorecard/hitfarm.com?utm_source=addon&utm_content=warn-viewsc
This company provides a foundation for spam web sites, spam links, spam clicks, and more to manipulate search engine ranking and there is a huge type-squatting service, leading to negative visitor experiences.
So certainly not everything that goes on there is "kasher",

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »