Malware apparantly reported as dead, still given as detected..

[polonus]

Given as suspicious here: http://zulu.zscaler.com/submission/show/dd5a3b14779f4e40a7d4fcaf9b483e08-1340999431
Link scan resulted in: http://vscan.urlvoid.com/analysis/a989d60a103f9b8de364391faca0c7c2/YjY4NjM=/
Malware after been alive for 2.4 hrs was found to be dead at 2012-06-28 18:36:39
See analysis: http://anubis.iseclab.org/?action=result&task_id=13533fc4d2c303a04fd2d0795e6e4b248
Avast Networkshield blocks site as URL:Mal,

polonus

[REDACTED]

Given as suspicious here: http://zulu.zscaler.com/submission/show/dd5a3b14779f4e40a7d4fcaf9b483e08-1340999431
Link scan resulted in: http://vscan.urlvoid.com/analysis/a989d60a103f9b8de364391faca0c7c2/YjY4NjM=/
Malware after been alive for 2.4 hrs was found to be dead at 2012-06-28 18:36:39
See analysis: http://anubis.iseclab.org/?action=result&task_id=13533fc4d2c303a04fd2d0795e6e4b248
Avast Networkshield blocks site as URL:Mal,

polonus

Good Evening Polonus!

Dead? Here is what is downloaded.......

https://www.virustotal.com/file/51408d63175902d54ae1d0152db1669cb01c6a4f7354b167bd703098012fec58/analysis/1341001461/

Rightly so, that the blocks.

[polonus]

Hi Dim@rik,

Thanks for confirming the malware there is still "alive and kicking",
DrWeb detects this as BackDoor.Maxplus.91

So it is very much alive and VirusWatch has wrongly reported the malware to be dead.
Another reason to check and counter-check resources continuously....
There is more on that Ukranian IP: http://urlquery.net/report.php?id=75489

ET TROJAN Potential Blackhole Exploit Pack Binary Load Request
urlQuery Client   ET CURRENT_EVENTS DRIVEBY Blackhole - Payload Download - readme.ex-

Good avast Networkshield has all of us protected here,

polonus