Author Topic: Phoenix exploit malware via redirect detected? (Read 2541 times)

polonus · « **on:** September 11, 2011, 05:05:16 PM »

Hi forum friends,

4 x malware site flagged here: http://www.virustotal.com/url-scan/report.html?id=4524d02e337721661ac36ca1cf270400-1315744724
But nothing here: http://www.virustotal.com/file-scan/report.html?id=52c97b6b06065135632c27ed17dc97efb528e33104be7765f102a376ec387a36-1315752404
Detected after url scan here: http://siteinspector.comodo.com/public/reports/332312
and here: http://urlquery.net/report.php?id=2766
Does avast detect?
Sucuri detects javascript malware: http://sucuri.net/malware/malware-entry-mwht291
and http://sucuri.net/malware/malware-entry-mwjs3023

polonus

Pondus · « **Reply #1 on:** September 11, 2011, 09:56:45 PM »

banners.php - 1/17
http://www.metascan-online.com/results.cgi?uid=e04prztnqalwydpm9nliuz2s1nw6wxqu

polonus · « **Reply #2 on:** September 11, 2011, 11:28:11 PM »

Hi Pondus,

Description of what is flagged there as given by Eset:

Quote

HTML/Iframe.B.Gen is generic detection of malicious IFRAME tags embedded in HTML pages, which redirect the browser to a specific URL location with malicious software

Quote taken from link at http://www.eset.eu/virus/html-iframe-b-gen (txt source there: Threat Encyclopedia),

polonus

Left123 · « **Reply #3 on:** September 12, 2011, 07:48:30 AM »

Hi Pol,

Googled the md5 and found this :
http://support.clean-mx.de/clean-mx/viruses.php

Regards,

Philip

Author Topic: Phoenix exploit malware via redirect detected? (Read 2541 times)

polonus

Phoenix exploit malware via redirect detected?

Pondus

Re: Phoenix exploit malware via redirect detected?

polonus

Re: Phoenix exploit malware via redirect detected?

Left123

Re: Phoenix exploit malware via redirect detected?