Hi zenzor,
Please make the link to the site non-clickable by putting hxtp or wXw.
Enough malware coming from there:
Threats found: 6
Here is a complete list:
Threat Name: Packed.Generic.114
Location: htxp://ironfist.at.tut.by/ipasetup.exe
Threat Name: Backdoor.Trojan
Location: htxp://ironfist.at.tut.by/guiz.exe
Threat Name: Suspicious.MH690
Location: htxp://ironfist.at.tut.by/zeratssl.zip
Threat Name: Trojan Horse
Location: htxp://ironfist.at.tut.by/rssbot.zip
Threat Name: Packed.Generic.114
Location: htxp://ironfist.at.tut.by/iparus.exe
Threat Name: JS.Qsiframe
Location: htxp://xaraxtv1.at.tut.by/spx-dxf.exe
Last detection found supicious here:
http://wepawet.iseclab.org/view.php?hash=9d2c42b038c610f57240def45c3c4a41&t=1278609680&type=jsSee the VT report there: avst detects as HTML:IFrame-BN
polonus
P.S. also see: htxp://jsunpack.jeek.org/dec/go?report=852fb9a3aa290487ffb9fa4667ac6ac36451af9a
(Make clickable only for those that know what to do, have NS up and active in the browser)