Site Reviews by bdmeyer Site Reviews by bdmeyer in the Norton Safe Web community Tue May 22 14:53:12 +0000 2012 http://safeweb.norton.com/profile/bdmeyer publicservicedegrees.com : Possible fake diploma mill.. Spam offering low cost degree's in many fields. I would be very cautious in dealing with them. Thu, 01 Apr 2010 12:53:26 +0000 http://safeweb.norton.com/report/show?url=publicservicedegrees.com teamzobbe.dk : Found referenced five times with a virus download Example (Obfuscated) Visited: <user>@http://174.57.186.216/d=www[dot]teamzobbe[dot]dk/0x3E8/view/console=yes/setup.exe Thu, 25 Mar 2010 13:58:56 +0000 http://safeweb.norton.com/report/show?url=teamzobbe.dk muqo.com : Found in Suspicious Location While analyzing an infected hard drive for a new variant of torpig, I found muqo.com in a physical memory dump. Info is below: 4 Hits in 3 Files - QUERY: (RealHardDisk) -- 1 Hit - [physmem.dmp_07] cdavis_laptop\NONAME-NTFS\physmem.dmp_07 NamedO F1AE348-21FE-4A3B \\.\<<realharddisk>> shutdown {5F1AE348 Drivers\*.syst VERSION\RUN MUQO.COM AS.HTM MUQO.COM/AS/ run Mon, 22 Mar 2010 20:23:22 +0000 http://safeweb.norton.com/report/show?url=muqo.com as.ro : Contained this domain in injected hal.dll This site is referenced inside a hal.dll from an infected machines memory capture. ftp.as.ro (Is it really hosted in us wit ha .ro ?) Thu, 18 Mar 2010 16:01:51 +0000 http://safeweb.norton.com/report/show?url=as.ro y123.com : Found inside an ijected hal.dll This site is referenced inside a hal.dll from an infected machines memory capture. Thu, 18 Mar 2010 15:58:32 +0000 http://safeweb.norton.com/report/show?url=y123.com buyftpservice.com : Found this on several machines Found reference to this url in what we believe is a new variant of a combination Torpig / Conficker (PigFicker ?) Memory capture from several analysed machines. Bruce D. Meyer Tue, 16 Mar 2010 14:02:34 +0000 http://safeweb.norton.com/report/show?url=buyftpservice.com slaphappy.com : Proxy Bypass This site claims to help users bypass security proxies. This would then make a machine possibly more open to compromise as it is now able to visit sites that you are attempting to block at your proxy. Wed, 17 Feb 2010 18:04:55 +0000 http://safeweb.norton.com/report/show?url=slaphappy.com darelease.com : Possible warez site While searching for a pent testing tool, this site kept coming up with what appear to be downloads for purchased software for free. McAfee site advisor had one review that said software from here has viruses on it. I would rate it at least as suspcious until Safe Web completes it's testing. Sat, 23 Jan 2010 18:38:09 +0000 http://safeweb.norton.com/report/show?url=darelease.com