What is HTML/IFRAME.gen (not disinfectable) SPYWARE detected by avast!

polonus · October 21, 2013, 8:27pm

See: https://www.virustotal.com/nl/url/53dd81c1df90f0678e281bf8b45288e25ce4cca61b6742eda33f7c2c3164a965/analysis/
URL hosts a threat identified as: HTML/IFRAME.gen (not disinfectable); a malware variant of Trojan.DownLoader.43003.
IDS alert: ET MALWARE Casalemedia Spyware Reporting URL Visited 2 flagged on 2013-02-09 05:35:04 destination IP was 195.159.219.8
Still up: http://support.clean-mx.de/clean-mx/viruses?id=10399899 and is detected by avast see:
https://www.virustotal.com/nl/file/f5a96cb83543bbcc18f12fcef24a09209f44b73383e0c1caa3ae239ba444b2c8/analysis/
This is being inserted:

ET MALWARE Casalemedia Spyware Reporting URL Visited 3 and 2 See: http://jsunpack.jeek.org/?report=05c27b144b78609b78219c7df7102a4e79d7a4ed (probably down now)

polonus

polonus · October 21, 2013, 9:17pm

A virScan detection survey on this HTML/IFRAME.gen (not disinfectable) SPYWAR
http://v.virscan.org/Possible%20HTML/IFRAME.gen%20(not%20disinfectable).html

polonus

jeffersonsant · October 22, 2013, 11:17am

is detected by avast

http://i42.tinypic.com/wtt6cx.jpg

site security check reports

http://sitecheck.sucuri.net/results/qianxiwlsc.org/

What is HTML/IFRAME.gen (not disinfectable) SPYWARE detected by avast!

Announcements