Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: zshanthi on February 07, 2012, 04:34:31 PM
-
hxxp://www.perl-resume.com
Please see the attached image
Does anyone of you get a virus waring when you visit the above site ?
It is a false alarm or is it a genuine virus ?
Shanthi
-
INFECTED - see attached screen shot
Malware entry: MW:JS:160 - http://sucuri.net/malware/malware-entry-mwjs160
Metascan - http://metascan-online.com/results.cgi?uid=oyoewmsekncmdt90utegoqlx1nl1mayy
-
kill that link (make it hxxp , and tell your friend to post himself ;D
-
kill that link (make it hxxp , and tell your friend to post himself ;D
Killing ??
I informed my friend and he deleted virus but how to make sure it does not happen again
please test again
http://www.perl-resume.com (http://www.perl-resume.com)
-
Norman lab confirms infected
Already detected as JS/Blacole.AE
EDIT seems sucuri result is Cached so may take some time to change........Sucuri now also say clean ;)
Metascan now say clean
http://metascan-online.com/results.cgi?uid=x1i6k5ye93f9n7klana5qaqn239h7o2g
-
Norman lab confirms infected
Already detected as JS/Blacole.AE
EDIT seems sucuri result is Cached so may take some time to change........Sucuri now also say clean ;)
Metascan now say clean
http://metascan-online.com/results.cgi?uid=x1i6k5ye93f9n7klana5qaqn239h7o2g
so the most common way for this virus to happen is to steal ftp passwords OR hack the server directly and gain access ?
Shanthi
-
Generally the most common way is the site being hacked due to old versions of content management software being vulnerable and exploited (like, PHP, WordPress, etc.). o the site webmaster/host has to keep the software up to date.
Also see, Tips for Cleaning & Securing Your Website, http://www.stopbadware.org/home/security (http://www.stopbadware.org/home/security).
Also see, Help: I Got Hacked. Now What Do I Do? http://technet.microsoft.com/de-de/library/cc512587%28en-us%29.aspx (http://technet.microsoft.com/de-de/library/cc512587%28en-us%29.aspx).
-
kill that link (make it hxxp , and tell your friend to post himself ;D
Killing ??
I informed my friend and he deleted virus but how to make sure it does not happen again
please test again
http://www.perl-resume.com (http://www.perl-resume.com)
Hi Zhanti!
Just saw the tread. I have several websites in the same hosting account, and 2 days ago they all got infected somehow with the exact malware your friend had with his website (mwjs160). I spent all day long yesterday trying to resolve the problem not to avail.
I've seen that your friend deleted the virus within a day. Can you ask him how he did that please? I am getting really desperate now.
Thanks.
-
I've seen that your friend deleted the virus within a day. Can you ask him how he did that please? I am getting really desperate now.
Have you tried this http://sucuri.net/signup
Information for Website Owners
http://stopbadware.org/home/webmasters
Tips for Cleaning & Securing Your Website
http://stopbadware.org/home/security
-
That's very useful information thanks.
I am still very curious about how the guy removed that malware from his site. Will be good to see if he didn't have to pay that much to delete it.
-
Will be good to see if he didn't have to pay that much to delete it.
90$ for a year....including monitoring every 6 hours....is that expencive ?
-
All sorted now. I contacted my hosting provider and hey resolved the problem for me. Thanks for your help. ;)