hXXp:\www.momus.com.tX There was Trojan
But now clean
avast still says that this site have virus URL: Mal. how to fix it
Please Help
Thank, You
hXXp:\www.momus.com.tX There was Trojan
But now clean
avast still says that this site have virus URL: Mal. how to fix it
Please Help
Thank, You
hi seanchen,
Please make this link non-clickable as in hxxp:// as it is still malicious according to scans made a minute or less ago.
http://zulu.zscaler.com/submission/show/f58c278402b60a63f7f8fc09a96979f8-1349252702
https://www.virustotal.com/url/e708f77d19f41ee2903ac012775a29d74ed903e1a62e6539f9b3434ceaad726e/analysis/1349252821/
http://sitecheck.sucuri.net/results/www.momus.com.tw/
http://www.urlvoid.com/scan/momus.com.tw/
http://urlquery.net/report.php?id=210956
Also: hxxp://www.malwaredomainlist.com/mdl.php?search=momus.com.tw Do not click any links in this malwaredomainlist site as they are active live links to serious bad malware. You have been warned. Safe site to view but not to click within it on malicious links.
Are you the site’s owner?
→ http://www.siteadvisor.com/sites/momus.com.tw
→ http://zulu.zscaler.com/submission/show/f58c278402b60a63f7f8fc09a96979f8-1349253114
Yes, I site owner
Go norton safe web this week
re-evaluated site
to review the results is safe
I think it was my site poisoning
Antivirus company to refer to the same database list
Just that I’m not familiar with the origin is in there
I can confirm that my site is now clean
https://safeweb.norton.com/report/show?url=www.momus.com.tw
Please kindness of people to help me thank you
Does not appear to have changed one iota. Site is still extremely malicious.
EDIT: Please change your site you posted to hxxp://www.momus.com.tx This will protect other Avast! forum users here from becoming infected by your now live link if a mistake is made by clicking on it.
hxxp:// will make it non-clickable and save a bit of grief here.
Review of site by Norton could be old, made prior to the infections you still now have.
Zulu scan dated 10/03/2012 here: http://zulu.zscaler.com/submission/show/f58c278402b60a63f7f8fc09a96979f8-1349252702
Zulu scan dated today (10/05/2012) http://zulu.zscaler.com/submission/show/f58c278402b60a63f7f8fc09a96979f8-1349418343
No change whatsoever except the scan date has changed between them. Otherwise, they are identical. If there was a repair/fix to your site, the second new scan would reflect that. Not seeing that here.
What site poisoning are you referring to?
Thanks for your kindness answer
Avast antivirus software, I would like to ask how to do
Do not blocked xxx.momus.com.tw
Recovery so that people can link
Has no virus
It is clean
But now the URL blacklist
What formal methods can be applied for re-checking
Site has been spreading a dangerous bank trojan, known as Zeus. It has a bad web rep: http://www.mywot.com/en/scorecard/momus.com.tw?utm_source=addon&utm_content=popup-donuts
At the moment not given in Zeus tracker, but IP/domain might be blacklisted because of it’s history of spreading malcode.
Bitdefender TrafficLight also goive site als infectuous. Searching for the ISP gives a JS:ScriptIP-inf[Trj] alert
Malware migration found here: hxtp://momus.com.tw:8080/redirect.php?d=853fda24 (migrated from support at linode dot com)
Blackhole exploit kit
and htxp://173.255.255.139:8080/redirect.php?d=853fda24
2012/07/05_12:06 momus dot com dot tw:8080/redirect.php?d=853fda24 173.255.255.139 li281-139.members.linode dot com. Blackhole exploit kit ? / Harris Chen sungod.corpATmsa.hinet.net 6939
Nice write up for the type of malware being spread from there (in the recent past) http://www.mywot.com/en/forum/21464-qai-jar-malware-cve-2010-1885?comment=150338#comment-150338
polonus
@ polonus,
Thank you for that report.
Seems this site is infected. Why would the OP claim it is clean when it is not?
@ seanchen,
It is apparent that your site is infected, and has been in the past. I would suggest that, if you want Avast! to clear the block on it, you remove/cleanse the malware present. Once it is clean, then you can petition Avast! to remove the block.
As long as it is dirty, Avast! is not likely to unblock your site.
Thanks for your kindness answer
I have always said that the site has been cleaned up
polouns:
you say this file
(hxtp / momus.com.tw: 8080/redirect.php? d = 853fda24)
Deleted a long time
mchain:
you said (then you can petition Avast! to remove the block)
What do I do it? contact information from the channel?
I’m confused
Website hacker, I do not wish
I’ve been finishing the website clean
For up to two months, and I’m still on the blacklist
http://zulu.zscaler.com/submission/show/f58c278402b60a63f7f8fc09a96979f8-1349681453
Scanned today 10/5/2012 @ 0730 GMT. Still dirty and malicious. What are you cleaning?
Hi mchain,
He has to try and get off of the blacklist: http://sitecheck.sucuri.net/results/www.momus.com.tw/
Probably because of http://minotauranalysis.com/search.aspx?q=1c8a152f465d5f9db303df250047e3e1
No alerts here: http://urlquery.net/report.php?id=219777
About the actual situation: http://www.mywot.com/en/forum/27538-momus-com-tw?comment-166456
Considering avast you could try and report here: you can report FP here http://www.avast.com/en-no/contact-form.php?noStyles
then it is up to the coders at avast what they do with this report, in case of a true FP they are known to unblock soon with an upcoming update…
polonus
Thank you
I have rendered
http://www.avast.com/en-no/contact-form.php?noStyles
But do not know they will not bother me
thank you ageain for your answer