Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Malware on website not detected? Avast should detect JS:Pdfka-gen Expl
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Malware on website not detected? Avast should detect JS:Pdfka-gen Expl (Read 2268 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33921
malware fighter
Malware on website not detected? Avast should detect JS:Pdfka-gen Expl
«
on:
December 24, 2011, 08:09:58 PM »
See:
http://www.virustotal.com/url-scan/report.html?id=54f9ba3429c6c88a3bca79df616c91ae-1324748635
and
http://www.virustotal.com/file-scan/report.html?id=9eb85668f287245dafc35c1ba1e1ae2947a863c99ca9a1372906bfe15f2be76a-1324752346
-http://www.webutation.net/go/review/tankmeisters.nl
suspiciois:
http://urlquery.net/report.php?id=13359
-tankmeisters.nl/footer.htm suspicious
[suspicious:5] (ipaddr:195.211.72.6) (frame) -tankmeisters.nl/footer.htm
status: (referer=-tankmeisters.nl/)saved 5347 bytes 223bc1cbab2ec4f266d77037684e34fd950e5c38
info: [img] -tankmeisters.nl/footerl.gif
info: [script] -m1.nedstatbasic.net/basic.js
info: [decodingLevel=0] found JavaScript
error: undefined variable y
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Binary Threshold
and
ankmeisters.nl/ suspicious
[suspicious:5] (ipaddr:195.211.72.6) -tankmeisters.nl/
status: (referer=-www.google.com/trends/hottrends)saved 4433 bytes 3f6efcec199a61214b995637a0c79931046fd0ff
info: [frame] -tankmeisters.nl/top1.htm
info: [frame] -tankmeisters.nl/left1.htm
info: [frame] -tankmeisters.nl/news/test.php
info: [frame] -tankmeisters.nl/footer.htm
info: [decodingLevel=0] found JavaScript
error: undefined variable y
suspicious: Warning detected /warning CVE-NO-MATCH Shellcode Engine Binary Threshold
= Advanced Polymorphic Shellcode ..
Sucuri does not detect, BitDefender TrafficLight gives site as malcious,
I treated a similar infection also on another site here in this posting:
http://forum.avast.com/index.php?topic=87390.0
polonus
«
Last Edit: December 24, 2011, 08:27:45 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pondus
Probably Bot
Posts: 37548
Not a avast user
Re: Malware on website not detected? Avast should detect JS:Pdfka-gen Expl
«
Reply #1 on:
December 24, 2011, 10:20:35 PM »
VirusTotal - URL scan
http://www.virustotal.com/url-scan/report.html?id=8f942f076d4feda5362f3312ecbd38ce-1324757412
VirusTotal - HTML scan
http://www.virustotal.com/file-scan/report.html?id=be70f459895535dbef291ffb3aace6b19bc39a33bd832f11738fe709ffb3cf35-1324761123
Wepawet
http://wepawet.iseclab.org/view.php?hash=8f942f076d4feda5362f3312ecbd38ce&t=1324761369&type=js
Sucuri - Malware entry: MW:JS:159
http://sucuri.net/malware/malware-entry-mwjs159
«
Last Edit: December 24, 2011, 10:23:22 PM by Pondus
»
Logged
polonus
Avast Überevangelist
Probably Bot
Posts: 33921
malware fighter
Re: Malware on website not detected? Avast should detect JS:Pdfka-gen Expl
«
Reply #2 on:
December 25, 2011, 01:00:17 AM »
Hi Pondus,
So avast detects as JS:Redirector-LH [Trj], right?
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pondus
Probably Bot
Posts: 37548
Not a avast user
Re: Malware on website not detected? Avast should detect JS:Pdfka-gen Expl
«
Reply #3 on:
December 25, 2011, 01:12:23 AM »
yepp
Logged
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Malware on website not detected? Avast should detect JS:Pdfka-gen Expl