Moloth - The M-Forums
You are not logged in.
#1 1/24/08 7:16 pm
Possible Virus infection on moloth.com?
This didn't start happening until today, but whenever I visit www.moloth.com Avast jumps out at me and alerts me to a virus/worm coming from a page being loaded ( http://www.wp-stats-php.info/iframe/wp-stats.php )
Is this just a case of Avast being overly cautious, do ya think? I've attached a screenshot for evaluation purposes.
Offline
#2 1/24/08 7:24 pm
Re: Possible Virus infection on moloth.com?
Uh oh... doesn't look good.
here's the domain info on that site:
Domain ID:D22443415-LRMS
Domain Name:WP-STATS-PHP.INFO
Created On:22-Nov-2007 13:45:05 UTC
Last Updated On:21-Jan-2008 20:33:00 UTC
Expiration Date:22-Nov-2008 13:45:05 UTC
Sponsoring Registrar:Gandi Sarl (R191-LRMS)
Status:CLIENT TRANSFER PROHIBITED
Registrant ID:O-901894-GANDI
Registrant Name:No
Registrant Organization:Ju Dehua
Registrant Street1:B1/4F., No. 211, Taigu Road, Waigaoqiao Free Trade Zone
Registrant Street2:
Registrant Street3:
Registrant City:Shanghai
Registrant State/Province:
Registrant Postal Code:10079
Registrant Country:CN
Registrant Phone:+86.2158681248
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:f8c8dcc929de0f8fe20d6926e463bf0c-903683@owner.gandi.net
Admin ID:C11388674-LRMS
Admin Name:Ju Dehua
Admin Organization:
Admin Street1:B1/4F., No. 211, Taigu Road, Waigaoqiao Free Trade
Admin Street2:Zone
Admin Street3:
Admin City:Shanghai
Admin State/Province:
Admin Postal Code:10079
Admin Country:CN
Admin Phone:+86.2158681248
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:j_dehua@yahoo.com
Billing ID:C1249598-LRMS
Billing Name:CONTACT NOT AUTHORITATIVE see http://www.gandi.net/whois
Billing Organization:GANDI sarl
Billing Street1:see also whois.gandi.net
Billing Street2:
Billing Street3:
Billing City:Paris
Billing State/Province:
Billing Postal Code:F-75003
Billing Country:FR
Billing Phone:
Billing Phone Ext.:
Billing FAX:
Billing FAX Ext.:
Billing Email:support@gandi.net
Tech ID:C1249598-LRMS
Tech Name:CONTACT NOT AUTHORITATIVE see http://www.gandi.net/whois
Tech Organization:GANDI sarl
Tech Street1:see also whois.gandi.net
Tech Street2:
Tech Street3:
Tech City:Paris
Tech State/Province:
Tech Postal Code:F-75003
Tech Country:FR
Tech Phone:
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:support@gandi.net
Name Server:C.DNS.GANDI.NET
Name Server:B.DNS.GANDI.NET
Name Server:A.DNS.GANDI.NET
i went to the root site and its blank except for "asasas".
VERY suspicious... 
-=The Believer is Happy; the Skeptic is Wise=-
Offline
#7 1/24/08 8:21 pm
- Memnoch
- One Bad M-F'er
- Registered: 6/14/06
- Posts: 2847
Re: Possible Virus infection on moloth.com?
You rock Russ. Don't ever let anyone tell you otherwise!!!
Without condoning... or condemning. I understand.
Offline
#9 1/25/08 2:29 pm
- Memnoch
- One Bad M-F'er
- Registered: 6/14/06
- Posts: 2847
Re: Possible Virus infection on moloth.com?
Moloth wrote:
he forges Order out of Chaos and Nothingness.
BBBBWWWWWAAAAAAAAAAAAhahahahahahahahahahaha!!!!
Without condoning... or condemning. I understand.
Offline