Again the avast! Webshield detects...

Also on DrWeb’s “known infection source” list.
https://www.virustotal.com/nl/url/8c5590f7fa96774b439395caf2b992c2953c938180c0123884db0ccc0cc83910/analysis/1412006919/
http://sitecheck.sucuri.net/results/buu4k-filues.gotovo-okno.ru (Outdated server software)
http://zulu.zscaler.com/submission/show/6b55efbeb275e189682736294c32f9c1-1412007009
http://killmalware.com/buu4k-filues.gotovo-okno.ru/
Normal web rep does not detect.
htxp://buu4k-filues.gotovo-okno.ru/get_access/
200 OK
Content-Length: 112809
Content-Type: text/html
malicious

pol

Nothing in the HTML or JS file.

https://www.virustotal.com/nb/file/e97641cfc6dd9e836ed93a0e4969e7069fe726f3ea0456eb5544222f561f53d6/analysis/1412007875/
https://www.virustotal.com/nb/file/3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23/analysis/1412007974/

One detection on buu4k-filues.gotovo-okno.ru/get_access/
https://www.virustotal.com/nb/file/b038a96a6356ed600813ec15d041091847b8fc9b9ae3113dd5e2137747d0629c/analysis/1412008136/

Hi Pondus,

Malware very much alive: http://support.clean-mx.com/clean-mx/viruses.php?ns2=ns3-com.nic.ru&sort=id%20DESC&response=alive
So we need detection for this, as it has been active for over 2829 hours, my friend.

From the safe virus viewer:

DEBUG output created by Wget 1.12 on linux-gnu.

--2014-09-29 18:42:05-- htxp://hqq1f-fiilues.c0qs.pp.ru/download/?q=DayZ%20Standalone&id=33953
Resolving hqq1f-fiilues.c0qs.pp dot ru... failed: Connection timed out.
wget: unable to resolve host address `hqq1f-fiilues.c0qs.pp dot ru'

From a private person → http://whois.domaintools.com/c0qs.pp.ru
http://dnscheck.pingdom.com/?domain=C0QS.PP.RU&timestamp=1412009177&view=1 Delegation errors.
Main domain OK: http://dnscheck.pingdom.com/?domain=PP.RU&timestamp=1412009333&view=1
Hoster: http://www.adelinahost.com/ru/

pol
See: https://www.virustotal.com/nl/url/7c9a5c558466a59aac86d90df74804be3df395187198ce5a09e022bfab6b3e54/analysis/