Author Topic: false alarm Or not?  (Read 2246 times)

chabbo

  • Guest
false alarm Or not?
« on: December 29, 2012, 06:21:34 PM »
Is this site infected? :P


xxx.gladiator-antivirus.com

http://zulu.zscaler.com/submission/show/99dad8aaf79375c02ee9b87385cf940c-1356801611


Infection Details

URL:   xxx.gladiator-antivirus.com/
Process:   C:\Program Files (x86)\Google\Chrome\App...
Infection:   URL:Mal
« Last Edit: December 29, 2012, 08:19:49 PM by chabbo »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 34051
  • malware fighter
Re: false alarm Or not?
« Reply #1 on: December 29, 2012, 06:42:59 PM »
Given as benign here: http://zulu.zscaler.com/submission/show/99dad8aaf79375c02ee9b87385cf940c-1356801909
On line 10: "This domain has just been registered for one of our customers!"
Subversion going on behind a DAV proxy, avast detects: http://silmor.de/proxysvn.php (link article author = webmaster AT silmor DOT de)
The domain is blacklisted in http://hosts-file.net/?s=www.gladiator-antivirus.com
See: http://vurldissect.co.uk/?url=1735750

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89670
  • No support PMs thanks
Re: false alarm Or not?
« Reply #2 on: December 29, 2012, 06:46:28 PM »
Please 'modify' your post and change the URL from http to hXXp, as you did with the first URL (but not the infection details), to break the link and avoid accidental exposure to suspect sites, thanks.

Nothing on sucuri.net or urlvoid.com; urlquery.net (http://urlquery.net/report.php?id=549088) shows an image of the page that indicates that this domain has recently been registered, so it is possible that you may have inherited a problem from a previous site on that IP address.

There is an on-line contact form, http://www.avast.com/contact-form.php?loadStyles, for: Sales inquiries; Technical issues; Website issues; Report false virus alert in file; Report false virus alert on website; Undetected Malware; Press (Media) issues.

- If you are reporting an FP, then you get another input field open, click Browse button and navigate to the file or enter the web URL for the site you wish to submit for review (Network Shield), etc. A link to this topic also wouldn't hurt.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD - 27" external monitor 1440p 2560x1440 resolution - avast! free  24.9.6130 (build 24.9.9452.762) UI 1.0.818/ Firefox, uBlock Origin Lite, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

Re: false alarm Or not?
« Reply #3 on: December 29, 2012, 11:00:29 PM »
As this is an IP block (URL:Mal), this could be, as DavidR said, a block for malware previously launched from that IP.

polonus