Malware Domain List

Site Related => Site / Forum Discussion => Topic started by: GaryDee on April 25, 2012, 07:26:52 pm

Title: How can it be when Advanced Info is used by others.....?
Post by: GaryDee on April 25, 2012, 07:26:52 pm

Lets take it one by one:

The Domain

Code: [Select]

http://www.advancedinfo.com.br/
is kind of brandmarked, with following register

http://www.malwareblacklist.com/searchClearingHouse.php?search=advancedinfo.com.br

But at this point:

https://www.virustotal.com/url/c45ef2019cf269d88ea0e1d89c68810e8c77c195f7638d425fa5f1bf2f279cc8/analysis/1335379227/

Four (4) Scanner ID it as malicious. But here noone knows anything:

https://www.virustotal.com/file/8d6878dd7a05b9402efa6824ea82613fa6785187ec878823a387adabc2cd6965/analysis/1335379439/

except for Nine (9) others.
Someone knows an explanation upon this ???

Especially when you consider following Quote:

Quote

advancedinfo.com.br - According to http://www.malwareblacklist.com this site contains a heuristic indicating that it can harm your computer. It was detected and reported in August/September 2011. Take care when visiting this web site.
You can find more details with a search on advancedinfo.com.br at http://www.malwareblacklist.com

I have searched, but didnt come up with the right answer. Help in comprehending is a Wish.

Title: Re: How can it be when Advanced Info is used by others.....?
Post by: MysteryFCM on April 25, 2012, 07:35:22 pm

Site is running WordPress, so it's entirely possible it was compromised. Not seeing anything now though.

Title: Re: How can it be when Advanced Info is used by others.....?
Post by: GaryDee on April 25, 2012, 07:56:00 pm

I`ve got that. But it (The Malware-Report-Reputation-System) does not, explain it the way some "USUAL" could trace back the main Process, especially in claerancy in connection to a possible compromise. Or not ?

Title: Re: How can it be when Advanced Info is used by others.....?
Post by: GaryDee on April 25, 2012, 08:00:16 pm

Sorry, in my first post i forgot the link, introducing the Quote from MarkGiles. See:

http://www.mywot.com/en/scorecard/advancedinfo.com.br

and that "Report" is kind of bothering

Title: Re: How can it be when Advanced Info is used by others.....?
Post by: MysteryFCM on April 25, 2012, 08:29:14 pm

Bear in mind, his comment is from March 2011. I'm over MyWot as well so will drop him a PM on there.

Title: Re: How can it be when Advanced Info is used by others.....?
Post by: GaryDee on April 25, 2012, 08:37:08 pm

Quote from: MysteryFCM on April 25, 2012, 08:29:14 pm

Bear in mind, his comment is from March 2011. I'm over MyWot as well so will drop him a PM on there.

Thx therefor. But, it has nothing to do with MyWot, in singular, but with an Impression, on all of it.

Title: Re: How can it be when Advanced Info is used by others.....?
Post by: dlipman on April 25, 2012, 10:20:25 pm

GaryDee:

Have YOU tested suportebeta.exe ?

have YOU tested advancedinfo.com.br ?

Are you just relying on what other sites say ?

Title: Re: How can it be when Advanced Info is used by others.....?
Post by: GaryDee on April 26, 2012, 08:11:41 am

Quote from: dlipman on April 25, 2012, 10:20:25 pm

GaryDee:

Have YOU tested suportebeta.exe ?

have YOU tested advancedinfo.com.br ?

Are you just relying on what other sites say ?

And if I did ? Your possible way of thinking, is not the way i suppose. And answering your last question, it usually is a very important MUST to (in) consider (consideration) the fact by seeing all the pieces as a WHOLE, and applying what SOME (not ALL) relevant Sites DO say. In retrieving MW it helps alot. No Researcher would deny that. BELIEVE me.

Sorry, i forgot something to read about:
http://forums.creativecow.net/thread/11/858326

And if i should remember good, VT made a change to TM on their Collaboration-MW-Search-Engine in connection to TM, a few days ago.

Title: Re: How can it be when Advanced Info is used by others.....?
Post by: MysteryFCM on April 27, 2012, 09:48:18 am

Should always test things yourself. Info from other sites is great as a reference, but should never be blindly relied on.

Title: Re: How can it be when Advanced Info is used by others.....?
Post by: dlipman on April 27, 2012, 11:37:13 am

Quote from: GaryDee on April 26, 2012, 08:11:41 am

And if I did ? Your possible way of thinking, is not the way i suppose. And answering your last question, it usually is a very important MUST to (in) consider (consideration) the fact by seeing all the pieces as a WHOLE, and applying what SOME (not ALL) relevant Sites DO say. In retrieving MW it helps alot. No Researcher would deny that. BELIEVE me.

Sorry, i forgot something to read about:
http://forums.creativecow.net/thread/11/858326

And if i should remember good, VT made a change to TM on their Collaboration-MW-Search-Engine in connection to TM, a few days ago.

I asked 3 questions.  Did you answer them ?  No.

Instead you question my questions and provide a riddle.

The malware world abounds with False Positives and grey area files.
Were the WinRAR and 7zip installers malware that you posted about ?  No.
Were they EASY to determine their legitimacy ?  Yes.

Is it possible that a legitimate installer could be repackaged with malware ?  Yes, I have seen this so many times it isn't funny.  But that wasn't the case.  I replied back to your posts but you didn't even bat an eye with a reply.

Like rumours, you don't spread False Positives as if they were indeed malware.  You test the URLs and files and make a determination based upon your own findings and facts.  Then you post them.

Frankly, after testing numerous URLs and files you have posted, I find what you post to be less than reliable.