URLVoid gives this site clean...ztmxyjvm. co. cc

Hi, php malware galore, and also on this site here: htxp://ztmxyjvm.co.cc/images/pdf.php
Here we see nothing wrong: http://www.urlvoid.com/scan/ztmxyjvm.co.cc
avast detects it here as PDF:CVE-2010-0188-gen
Description of this threat here:
http://www.computersecurityarticles.info/security/analysis-of-a-malformed-malicious-pdf-cve-2010-0188-trying-pdf-insider/
source link insider: http://www.computersecurityarticles.info/tag/insider/
http://www.virustotal.com/file-scan/report.html?id=404000ddba5156035d286ec8c3f9f54753cc7068d70521d5654b5713119aba35-1299339902
DF:CVE-2010-0188-gen malware targeting Adobe vulnerabilities, executed malware commands will run similar to target user’s privileges. The malware is specially crafted to access and steal private data…
hxtp://ztmxyjvm.co.cc/images/pdf.php
Is it safe?
Dangerous
The latest tests indicate that this site contains malicious software or could defraud visitors.
How would you categorize this site?
Disease Vector
Sites that directly or indirectly facilitate the distribution of malicious software or source code (source: Trend Micro findings)

other malware on the site was found here: htxp://ztmxyjvm.co.cc/user/JavaSignedApplet.jar
description of malware found here: http://about-threats.trendmicro.com/Malware.aspx?language=us&name=JAVA_DLOADR.EQ
avast detects this as Java:Agent-DH
Please type the address of a website that you want to check.
htxp://ztmxyjvm.co.cc/user/javasignedapplet.jar
Is it safe?
Dangerous
The latest tests indicate that this site contains malicious software or could defraud visitors.
How would you categorize this site?
Disease Vector
Sites that directly or indirectly facilitate the distribution of malicious software or source code (source: TrendMicro findings)

Read from the InfiSecure ThreatLab site about the Exploit Kit used:
http://www.infisecure.com/threat-research-lab/threat-reports/51-bleeding-life-exploit-kit-part-2

But it could be this second malware is no longer there on that server: The requested URL /user/javasignedapplet.jar was not found on this server,
so the malware could be taken off…HTTP Error 404: Not Found …

polonus