Trojans detected:
Object: http://2000goles.blogspot.de/2011_07_29_archive.html
SHA1: 5553ab7d562dd0050209c426d1780ba577da8f35
Name: TrojWare.JS.TrojanClicker.FbLiker.A aka JS:Clickjack-DT [Trj]
See: https://www.virustotal.com/nl/url/ae0216ccb239660e509f5e63be935cae6cdbeedcb7f8258f3cf5d0bc4a84717e/analysis/1418511928/
Potentially Suspicious files: 14 - /search?updated-min=2012-10-01t00%3A00%3A00-05%3A00&updated-max=2012-11-01t00%3A00%3A00-05%3A00&max-results=50
Severity: Potentially Suspicious
Reason: Detected procedure that is commonly used in suspicious activity.
Details: Detected abnormal use of [iframe] elements. Treat it as suspicious.
File size[byte]: 289585
File type: ASCII
Page/File MD5: C0C214BEC2205A134D5BA17E5C0D5956
Scan duration[sec]: 1.643000 eyc. etc.
Consider: http://www.cobal.org/cgi-bin/cobal-log/http---introspective-to-a-fault.blogspot.com-2010-08-attitude-of-auxiliaries.html_refer.txt
External link from code to htxp://s7.addthis.com → http://fixvirusfast.blogspot.nl/2014/03/how-do-i-remove-s7addthiscom-virus.html
IP Badness history: https://www.virustotal.com/nl/ip-address/74.125.70.132/information/
- Suspicious url(NULL) - 8 results found
(2) user information check - 6 results found
(3) user cookie check - 6 results found
(4) user information check - 5 results found
(5) user cookie check - 3 results found
(6) Suspicious script has been detected (document.write(unescape(?))) - 1
(7) Suspicious script has been detected (Obfuscation packer:EnPack) - 1 instance found
See link check here: http://zerocert.org/?code=f1177c83e0cb8c8b9e5e7e7e4ddaa0c25e6980a71a2fec22e1ad88fe2b8ec58b
Flagged: http://safeweb.norton.com/report/show?url=2000goles.blogspot.de
iFrame Check Suspicious
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=300x250§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=300x250§ion=3316358’
-http://balondeoro2012cr7.blogspot.com/’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=468x60§ion=3316358’
-http://ad.adnetwork.net/st?ad_type=iframe&ad_size=728x90§ion=3316358’
All flagged by WOT https://www.mywot.com/en/scorecard/ad.adnetwork.net?utm_source=addon&utm_content=popup
and by avast! Web Rep …See where this requests are going here: http://www.uploady.com/#!/download/iv~C40qsDMu/XNWLmwSCTgR3lls1
Included Scripts Check: suspect - please check list for unknown includes
htXp://www.mipagerank.com/mipagerank.php/www.2000goles.blogspot.com/?d= → http://www.elhacker.net/whois.html?domain=www.mipagerank.com
polonus