Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Why this uri is not blocked? Known javascript malware detected!
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Why this uri is not blocked? Known javascript malware detected! (Read 1329 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34053
malware fighter
Why this uri is not blocked? Known javascript malware detected!
«
on:
January 11, 2014, 04:20:37 PM »
See:
https://www.virustotal.com/nl/domain/all-horoskop.ru/information/
&
http://maldb.com/all-horoskop.ru/#pages
Blacklisted -> Yandex reports all-horoskop.ru as SMS-fraud resource and Site Advisor!
Flagged:
http://sitecheck.sucuri.net/results/all-horoskop.ru
Found to be suspicious:
http://zulu.zscaler.com/submission/show/1079ebf9515a8c2ded7ec620848e1534-1389452122
Qutera;s give this malcious file: /application/libraries/lib.js
Severity: Malicious
Reason: Detected known malicious content.
Details: Threat detected according to previously retrieved information
File size[byte]: 1684
File type: INI
MD5: 69F6EF884176F472B3924F62A501F26E
Scan duration[sec]: 0.001000
I get an URL error timed out here:
http://jsunpack.jeek.org/?report=270662659669f7decf878c6c256dd053fe1fa24a
but site is up...
http://jsunpack.jeek.org/?report=c5eab97f739b6376a3708d4920585518702ba53a
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 34053
malware fighter
Re: Why this uri is not blocked? Known javascript malware detected by avast
«
Reply #1 on:
January 11, 2014, 05:14:48 PM »
Another one:
http://maldb.com/novosti-show-biznesa.net/#
Found to be benign here:
http://zulu.zscaler.com/submission/show/70064edeb6699795d06587385222b074-1389456291
See:
http://jsunpack.jeek.org/?report=e488bd5171380385e82573ac4e419cc9bf7282c1
Is this code OK? htxp://ainterme.com/c2a02ec/044e
Pinpoint flagged this as a javascript redirect!
See:
http://jsunpack.jeek.org/?report=e4a831b29acb07d05f23c36f9d32a13c66e1297a
Flagged here:
http://sitecheck.sucuri.net/results/novosti-show-biznesa.net/
The redirect that Sucuri gives is blocked by avast! Web Shield as URL:Mal
We have protecttion here.
pol
«
Last Edit: January 11, 2014, 05:25:00 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Why this uri is not blocked? Known javascript malware detected!