Trojan Warning on bncpj.org/supple-scoliosis-tingling-right-side-of-body/

Grandma_Cindy
Сообщения: 1
Зарегистрирован: Чт дек 16, 2010 10:42 am

Trojan Warning on bncpj.org/supple-scoliosis-tingling-right-side-of-body/

Сообщение Grandma_Cindy » Чт дек 16, 2010 10:42 am

"Report Attack Page" warning of dangerous trojan on this site:
bncpj.org/supple-scoliosis-tingling-right-side-of-body/

Guest

i have visit...

Сообщение Guest » Чт дек 16, 2010 11:02 am

i have visit that page but nothing found..
even no warning was there...
Can u provide some screen shot ...
Need evidence rather than to believe in false claims...

charrox
Сообщения: 507
Зарегистрирован: Вт ноя 30, 2010 12:05 pm

Hp hosts

Сообщение charrox » Чт дек 16, 2010 11:25 am

It is listed in hp hosts.
That is enough for me to rate it red
Here's the link.

http://hosts-file.net/?s=bncpj.org

i☆
Сообщения: 2200
Зарегистрирован: Вт сен 28, 2010 9:57 pm

-

Сообщение i☆ » Чт дек 16, 2010 12:34 pm

It looks harmless. I'm going to need some proof before I add my rating.

giedrius
Сообщения: 1310
Зарегистрирован: Вт июл 20, 2010 3:34 pm

You should contact

Сообщение giedrius » Чт дек 16, 2010 12:37 pm

You should contact hosts-file owner for removal from hp hosts. As any blacklist, the reasons for entering it might be expired, or it might be false positive.
At the moment I think that the URL you posted is a link with spam -submitted page.

charrox
Сообщения: 507
Зарегистрирован: Вт ноя 30, 2010 12:05 pm

The owner needs to clear them up

Сообщение charrox » Чт дек 16, 2010 1:00 pm

Even though it looks harmless, the owner has the obligation to clear them up. It gives bad reputation.
Once it is cleared I will change my mind.

Guest

Re

Сообщение Guest » Чт дек 16, 2010 5:59 pm

ViriusTotal report

http://www.virustotal.com/url-scan/report.html?id=87c34551955ac7ca2df0323cdf1d7b8e-1292518489

URL analysis tool Result
Firefox Clean site
G-Data Clean site
Google Safebrowsing Clean site
Opera Clean site
ParetoLogic Clean site
Phishtank Clean site



Virustotal downloaded file analysis

http://www.virustotal.com/file-scan/report.html?id=b23a53b87ba5b362313713cfc9fca9d6db25c4abc144db78051c9b9236da1c4a-1292522094

Submission date:
2010-12-16 17:54:54 (UTC)
Current status:
queued (#146) queued (#146) analysing finished
Result:
0/ 43 (0.0%)

I'm going to visit that webpage and I shall update my post

Guest

Wait a minute . . . wait a minute

Сообщение Guest » Чт дек 16, 2010 8:04 pm

@ charrox,

You mean you're rating based on listing in only one blacklist? Have you checked the site, and used WOT tools, and looked at other blacklists?

Guest

second chapter

Сообщение Guest » Чт дек 16, 2010 9:41 pm

The Targeted webpage has been deleted or is unreacheable

[url=https://www.mywot.com'http://img404.imageshack.us/i/internalerror.jpg/' t='_blank']Изображение[/url]

Main Page

[url=https://www.mywot.com'http://img254.imageshack.us/i/cost.jpg/' t='_blank']Изображение[/url]

There is a PDF file, I have downloaded it and submitted to virustotal

http://www.virustotal.com/file-scan/report.html?id=1a653383f26474d4a8858c00a276d1bfd2518a8f8a5fd563abe2c59d7a98a1cb-1292523279

File name:
BNCPJleaflet.pdf
Submission date:
2010-12-16 18:14:39 (UTC)
Current status:
queued (#148) queued (#148) analysing finished
Result:
0/ 42 (0.0%)


Clean

when I click on merchandise I'm redirected to this site

cafepress.com/bncpj


[url=https://www.mywot.com'http://img138.imageshack.us/i/merchandiseg.jpg/' t='_blank']Изображение[/url]

Your main site looks clean

the second one has 4 webbugs and I have been also alerted by MalwareBytes AntiMalware IP Blocker (Firefox was trying to get connected to a malicious website)

@ OP Out of curiosity

You estimate the cost of some Wars in money
I thought Life had no price
and as my signature shows
"Freedom is not free"

Are you selling products in the name of what cause?

Thank you in advance for your reply


Guest

third chapter

Сообщение Guest » Чт дек 16, 2010 10:08 pm

external links and scripts analyzed

cafepress.com

http://www.google.com/safebrowsing/diagnostic?site=www.cafepress.com

Malicious software includes 6 scripting exploit(s).

Suspicious

ustforeignpolicy.org

http://www.google.com/safebrowsing/diagnostic?site=www.justforeignpolicy.org

Clean

costofwar.com



http://www.google.com/safebrowsing/diagnostic?site=www.costofwar.com

Clean

Ответить

Кто сейчас на конференции

Сейчас этот форум просматривают: нет зарегистрированных пользователей и 3 гостя