Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Win32/Application.ab7 is detected by avast as Android:SMSreg-MF [PUP]
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Win32/Application.ab7 is detected by avast as Android:SMSreg-MF [PUP] (Read 1607 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 34054
malware fighter
Win32/Application.ab7 is detected by avast as Android:SMSreg-MF [PUP]
«
on:
November 27, 2014, 11:46:54 PM »
See:
https://www.virustotal.com/en/url/346d0aff817cd844d54412cf6d323c3266617de834934cbf6019d026dcca49cd/analysis/1417128122/
See:
https://www.virustotal.com/en/file/34f5b3ed07ce1aa7c2b0d09742c00f6b5e301718a7ac8124f0bb3acaea7846c2/analysis/1417099178/
Recently found Android:SMSreg-MF [PUP] here:
Up(nil): Win32/Application.ab7 APNIC KR djkim at gdsys.co dot kr 180.131.50.38 to 180.131.50.38 bjk321 dot com htxp://a396766.bjk321.com/az/index.php
Up(nil): Win32/Application.ab7 APNIC KR djkim at gdsys.co dot kr 180.131.50.38 to 180.131.50.38 bjk321 dot com htxp://a3639207.bjk321.com/az/index.php
Up(nil): Win32/Application.ab7 APNIC KR djkim at gdsys.co dot kr 180.131.50.38 to 180.131.50.38 bjk321 dot com htxp://a357984.bjk321.com/az/index.php
Up(nil): Win32/Virus.Adware.8d7 APNIC KR djkim at gdsys.co dot kr 180.131.50.38 to 180.131.50.38 bjk321 dot com htxp://a3488111.bjk321.com/az/index.php
We are being protected, also Google Safebrowsing blacklisted and blocked:
http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=a396766.bjk321.com
polonus
«
Last Edit: November 27, 2014, 11:49:51 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
polonus
Avast Überevangelist
Probably Bot
Posts: 34054
malware fighter
Re: Win32/Application.ab7 is detected by avast as Android:SMSreg-MF [PUP]
«
Reply #1 on:
November 27, 2014, 11:53:37 PM »
Some more for the website detection: alerted:
https://urlquery.net/report.php?id=1416813846261
&
http://www.scumware.org/report/70880818AB89B9BB2FF3E90B35C1C514.html
& IP badness history:
https://www.virustotal.com/en/ip-address/180.131.50.38/information/
Does avast detect here? ->
https://www.virustotal.com/en/file/46f5cd307b1e29882e90b0db63bd9687bac0314d7fbcd18d3805a49c5827235e/analysis/
re:
http://urlquery.net/report.php?id=1417045092105
See what is still alive and up there:
http://support.clean-mx.de/clean-mx/viruses.php?domain=bjk321.com
polonus
«
Last Edit: November 27, 2014, 11:56:45 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Win32/Application.ab7 is detected by avast as Android:SMSreg-MF [PUP]