Hi malware fighters,
We started with this site: stop.500forbiddenerror.com
69.59.137.237
69.59.137.237.servepath.com Trojan Adload
Choi Jin / bp8tg5wg9tATnetworksolutionsprivateregistration.com
2010-01-20 details PACKER etc.
EXECryptor 2.2.4 → Strongbit/SoftComplete Development (h3) * 00075057 0002F457 1f4iroqk 6.0 d07765bfebef50057cd7120e1bff17bb72abada5
Here is a complete list:
Backdoor.Win32.Agent.amsp found there…
Threat Name: Downloader
Location: htxp://kin.500forbiddenerror.com/CK3V.exe
finjan: active content was blocked due to digital signature violation
http://malc0de.com/database/index.php?search=26228&ASN=on
http://x.maldb.com/?p=9193
The violation is missing digital signature!
Threat Name: Downloader
File name: c:\documents and settings\user\local settings\temporary internet files\content.ie5\ocieqgj3\ck3v[1].exe
Location: htxp://kin.500forbiddenerror.com/SHILD/INST_Kin2.exe
Here we can find if the dirt has been cleansed in the mean time:
http://www.malwaredomainlist.com/forums/index.php?topic=3190.990
polonus