This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Troj/FakeAV-CLJ

Hi there,

here's more information:

http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavclq.html

http://www.sophos.com/security/analyses/viruses-and-spyware/trojfakeavclj.html

Just in case I have blocked already 91.217.162.99 which should be repoiury.com even though the site was already taken down by authorities i guess.

Are there any honeypot operators in here who could tell the source of this malware? We get swamped with it and I would like to have the sites blocked from where it originates.

Thanks for any insight given. I appreciate it.

Edit

Sophos blocked files with the following names/keywords:

%random%.htm

bugguardpc.htm
coverlightswitch.htm
annefrankbio.htm
blocklightreach.htm

GandhiAntivirus.htm

This thread was automatically locked due to age.

Parents

0 RRR over 13 years ago

Today's htm files:
anti-m-alvare.htm
anti-alvare.htm
AntiVirusToolsPlus.htm
Support-Easy.htm
Anti-M-Office.htm
Antivirus-Microsoft-Cooperation.htm
SelfDefenseOpen.htm
Protection-Free.htm
Antimalvare.htm
AntiMOffice.htm
:9845
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 RRR over 13 years ago

Today's htm files:
anti-m-alvare.htm
anti-alvare.htm
AntiVirusToolsPlus.htm
Support-Easy.htm
Anti-M-Office.htm
Antivirus-Microsoft-Cooperation.htm
SelfDefenseOpen.htm
Protection-Free.htm
Antimalvare.htm
AntiMOffice.htm
:9845
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data