Author Topic: Again avast! Web Shield detects & protects.... (Read 1921 times)

polonus · « **on:** April 14, 2013, 10:56:50 PM »

See: http://urlquery.net/report.php?id=1995461
Avast detects as JS:Blacole-DT[Expl] and blocks site url/|{gzip} via avast! Web Shield...
But the script going here could not resolve (was not found) htxp://www.instandhaltungssoftware-individuell.de/clicker.php

polonus

Pondus · « **Reply #1 on:** April 14, 2013, 11:49:07 PM »

VirusTotal
https://www.virustotal.com/nb/file/8c90dd5c067f8bac0f3d98a9658db54cbce7979d7f018bb924a7765e9859078b/analysis/1365976110/

polonus · « **Reply #2 on:** April 15, 2013, 06:46:03 PM »

See: http://siteinspector.comodo.com/public/reports/13546594
avast! Web Shield detects JS:Iframe-AQ[Trj] on this site.
For the malcode there see this scan report: http://evuln.com/tools/malware-scanner/americashottestfranchises.org/

polonus

polonus · « **Reply #3 on:** April 15, 2013, 06:56:37 PM »

And this is almost immediately blocked: htxp://evuln.com/tools/malware-scanner/http%3A%2F%2Famazing.co.id/|{gzip}
even as it is on a scan result page as JS:Iframe-TM[Trj} it is being blocked tight away.
See the bad web rep here: http://www.mywot.com/en/scorecard/amazing.co.id?utm_source=addon&utm_content=popup-donuts
But now given as safe here: http://browsingprotection.f-secure.com/swp/result?x=CDqZ1MMd*BD1XkEVERuQZi8k6NVFak-UtVuwEfrca0RA5uEXpKJBqYUHstTO24GB
flagged here: http://yandex.com/infected?url=amazing.co.id
listed as suspiciouss here: http://www.google.com/safebrowsing/diagnostic?site=amazing.co.id

polonus

Author Topic: Again avast! Web Shield detects & protects.... (Read 1921 times)

polonus

Again avast! Web Shield detects & protects....

Pondus

Re: Again avast! Web Shield detects & protects....

polonus

Re: Again avast! Web Shield detects & protects....

polonus

Re: Again avast! Web Shield detects & protects....