[MALWARE:] rev dot opentransfer dot com

[monetandme]

Just saw this in this great program called

Code: Select all

DiamondCS Port Exploror

, lets me know the slogs that are locking my browser when they come into my system. I came across this blurb and wonder how to defend against it.

Code: Select all

rev.opentransfer.com.141.104.0.96.in-addr.arpa.

I am running AVG and Outpost, thought tea timer was running but something knocked that out. Any suggestions?

[therube]

What blurb is that?
Does Diamond have forums?
What is it that Diamond does?
NoScript blocks JavaScript from all sites not specifically (or defaulted) Allowed.
Suppose you could uses a HOSTS file entry to block access to it, but then you'd have a never ending list, IMO.

Explorer.

[Tom T.]

Web search for rev.opentransfer.com shows numerous malware listings, e. g.
http://www.malwaredomainlist.com/mdl.ph ... 100&page=0

Code: Select all

2011/02/24_21:26	rolemodelstreetteam.invasioncrew.com/raazuc/Dossier-For-M	98.131.132.1	rev.opentransfer.com.1.132.131.98.in-addr.arpa.	Compromised site leading to fake AV	Invasion Crew / sandy@invasioncrew.com

What is DiamondCS Port Explorer?

Port Explorer is a socket analysis and exploration utility designed for both novice and advanced users alike

The post appears to be spam for Diamond CS, whose reputation is not so good:
http://www.wilderssecurity.com/showthread.php?t=159189

Paul Wilders
Administrator

Join Date: Jul 2001
Location: The Netherlands
Posts: 12,463
Default DiamondCS Support Forums closed
Dear members,

During the existance of this board, we have been and still are providing room as well as bandwidth for several security software companies, focussed on hosting their Official Support Forum(s). Part of this service was and still is: frequent and solid support provided by official representatives from those companies, both over on this board as well as company customer care is concerned.

In this context, we are sad to announce DCS does no longer live up to the standards set as mentioned above, although we have provided the company in question quite a long time to live up to those standards again.

As a result, we have no choice left other then closing as well as archiving all (sub)forums from DCS. We do advise those having paid for software but never received keys, serial numbers, etc. to contact the appropriate channel(s) in order to get a refund.

The DCS softwares are allowed to be discussed in other appropriate forums over on this board. Keep in mind though, there's no official backup anymore from company representatives and therefore, don't expect official company responses.

In closing: we do regard this decision a very difficult - but needed one. In the end, we do have to make sure the standards from this board are respected for the benefit of members, lurkers, and last but not least, this board. Closing down and archiving the DCS (sub)forums is - sadly - the only way to do so.

On behalf of the staff,
Paul Wilders

@ OP: Can you justify your post? Else, it is spam; it will be deleted, and you will be banned for posting to recommend a paid product, especially one which seems to be poorly regarded by reputable sources. The question of how to defeat the other site listed is simple, as therube said: Don't allow it in NoScript, and don't go there.