Damnit I am obsessed!
OK so I just can't let this one go, after Zero response to both methods (telephone, and e-mail) to the host of the offending website, I am once again digging for more info.
I did report it to DShield, and they are so backed up it will take a while for them to "act", which means they will send an e-mail to the Sysadmin, and hope that action will be taken. Basically the same thing I have attempted.
Knowing that the Horsie is there, I have no fear in rooting around within the site. I noticed today that the actual Trojan originates from the following site. Apparently notorious for this activity and also registered in Russia..........good luck getting any results from these guys right?
The site you will notice serves no purpose, other than to support the Downloader/Trojan, and god knows what else.
http://proffy209.com/
Dig-
Registrant:
Boris D Gorbunov [email protected]
7.49800872092
Boris D Gorbunov
Proletarskaya 3-10
Nijnoy Novgorod Nijniy Novgorod RUSSIAN FEDERATION 180092
Domain Name: proffy209.com
Record last updated at 2006-07-13 12: 42: 55
Record created on 2006/7/13
Record expired on 2007/7/13
Domain servers in listed order:
ns1.game4all.biz ns2.game4all.biz
Administrator:
name: (Boris D Gorbunov)
Email: [email protected]
tel-- 7.49800872092
Boris D Gorbunov
Proletarskaya 3-10
Boris I would like to kick your Caviar eating a$$.
The Virus itself is also known as TR/Dldr.Tibs.C, which copies itself to • %SYSDIR%\kernels8.exe, is a Multifaceted little bugger.
Further info can be found @ link below.
http://www.avira.com/en/threats/sect...dr.tibs.c.html
Any thoughts/Ideas/suggestions regarding these A$$hats would be great. I am on a mission.
Reply With Quote