@Dim@rik,
Thanks for confirming that so quickly and extensively at the hand of the packer used
for this MS-DOS executable MD5 hash e4aaa768f18614cf21a167eb5d9c4750
To proof DrWeb gets them is here for another variant at another site:
Checking: -http://fdg45e.nl.ai/w.php?f=19
Engine version: 5.0.2.3300
Total virus-finding records: 2813715
File size: 279.50 KB
File MD5: f47f7bac078494261dbc349215b646de
-http://fdg45e.nl.ai/w.php?f=19 infected with BackDoor.Gbot.1589
There is no detection here of other scanners here for instance - calc-exe:
http://vscan.urlvoid.com/analysis/33e605d75e3499d023c11728761d26b5/Y2FsYy1leGU=/@Pondus
That should mean that the site should be blacklisted as google does here
http://www.google.com/safebrowsing/diagnostic?site=http%3A//nanitos99132.co.cc/w.php%3Ff%3D155%26e%3D5While Norton safe web has not even tested the site, sucuri comes up with: "site blacklisted, malware" (according to above mentioned unmasked parasites report that is, malware not identified and not specified, obvious with all the various malware excutable variants of that specific malware being spread from there continously,
polonus