Phoenix exploit malware via redirect detected?

polonus · September 11, 2011, 3:05pm

Hi forum friends,

4 x malware site flagged here: http://www.virustotal.com/url-scan/report.html?id=4524d02e337721661ac36ca1cf270400-1315744724
But nothing here: http://www.virustotal.com/file-scan/report.html?id=52c97b6b06065135632c27ed17dc97efb528e33104be7765f102a376ec387a36-1315752404
Detected after url scan here: http://siteinspector.comodo.com/public/reports/332312
and here: http://urlquery.net/report.php?id=2766
Does avast detect?
Sucuri detects javascript malware: http://sucuri.net/malware/malware-entry-mwht291
and http://sucuri.net/malware/malware-entry-mwjs3023

polonus

Pondus · September 11, 2011, 7:56pm

banners.php - 1/17
http://www.metascan-online.com/results.cgi?uid=e04prztnqalwydpm9nliuz2s1nw6wxqu

polonus · September 11, 2011, 9:28pm

Hi Pondus,

Description of what is flagged there as given by Eset:

HTML/Iframe.B.Gen is generic detection of malicious IFRAME tags embedded in HTML pages, which redirect the browser to a specific URL location with malicious software

Quote taken from link at http://www.eset.eu/virus/html-iframe-b-gen (txt source there: Threat Encyclopedia),

polonus

Left123 · September 12, 2011, 5:48am

Hi Pol,

Googled the md5 and found this :
http://support.clean-mx.de/clean-mx/viruses.php

Regards,

Philip

Phoenix exploit malware via redirect detected?

Announcements