Malware entry: MW:JS:611
Description: Remote javascript (or iframe) included to load malware from external web sites. Multiple domains are used as intermediaries:
Those links lead to the "Fake AV" and other desktop virus (affecting Windows users) / SutraTDS / Traffic Redistribution Systems.
Affecting: Any web site (no specific target).
Clean up: Malware is hidden at the index.php or index.html files.
Malware dump:
Keywords: /in.cgi?default, .co.cc