this site is not bad right (moderator response apreeciated) (QUICK RESPONSE)

i did a google search about someone who is a “hacker” and i found this site

http://www.mywot.com/en/scorecard/corraltutorials.webs.com

(please note this is the url to WOT the site is in the end of the url but i don’t want to make it clickable)

can anyone tell me if it’s bad

i accessed it through internet explorer who is protected by avast sandbox i also got avast internet security updated expires in august 2012

so can any expert just check the site for me i know i shouldn’t get scared for small things like this but i can’t help it i am

i would like a very quick answer doing a fast scan at the moment

edit avast quick scan found nothing doing a superantispyware scan

and please someone reply

can anyone please help me?

Well sucuri scanner say infected with this
http://sucuri.net/malware/malware-entry-mwdefaced01
from the screenshot it looks as some kind of joke?

see attached screenshot

unmask parasites and VirusTotal say clean and URLVoid will not give a result

Hi Pondus and zzcool,

Site has been hacked, see in the google search results at the top giving: H.A.C.K.E.D - XxxV1r0j4NxxX: -http://corraltutorials.webs.com/
I would do a MBAM scan also after an eventual visit of that site,
because see attached script threat found there, see attached gif

polonus

Hi Pondus,

Sucuri should have found it in real time, really, see here at the bottom, where it is mentioned:
http://tools.sucuri.net/?page=tools&title=blacklist&seeall=1&detail=d36eb5a495a9bee79a075e08fc0e3cd1

After is was hacked and defaced, the code was found up by a real-time JS_script de-obfuscation scanner. Won’t give that link here, because it should not be abused. So I gave a representation as the gif image I have attached to the above posting,

for the exploit mentioned there, see: http://blog.trendmicro.com/new-ie-zero-day-exploit-cve-2010-0806/ author of above link is trendmicro’s Valerie Boquiron (Technical Communications)

Unmasked parasites also give this external reference link as a gif image as suspicious:
http://www.google.com/safebrowsing/diagnostic?site=images.webs.com
Last time suspicious content was found there was on 2011-06-17, this resulted in the infection of one site e.g. no1 dot vn/

pol

Norman lab confirms infected

corraltutorials.webs.com.htm : Processed - HTML/Agent.NA