Hi boedapinank,
Do as spg SCOTT ask you, make the link non-click-through (-http or hxtp or wxw) so users cannot get infected by cliccking the live link by mistake...
Also look here:
http://www.unmaskparasites.com/web-page-options/?url=http%3A//www.adeiskandar.comSee one of the external references (last*) infected via count.php
This site also infected these sites through the last three days:
e.g. -mmoblog.pl/, -firma-contabilitate.com/, -aventia.no/.
Maliious software contains 4 scripting exploits.
This site is being hosted on 1 network, e.g. AS43239 (SPETSENERGO) with malicious URLs see:
http://sitevet.com/db/asn/AS43239Site is being cleansed at the moment: see Checking: -https://apis.google.com/js/plusone.js
File size: 3206 bytes
File MD5: 7cdf99d71c920719386659d35c23931f
-https://apis.google.com/js/plusone.js - Ok
(intial source of grandscale online infection, link now dead, was, see below)
Checking: -http://superpuperdomain2.com/count.php?ref=
File size: 0 bytes
File MD5: d41d8cd98f00b204e9800998ecf8427e (PASSWORD Lookup)
-http://superpuperdomain2.com/count.php?ref= - cannot get file attributes with error: No such file or directory
-http://superpuperdomain2.com/count.php?ref= - read error!
Checking: -http://feedjit.com/serve/?vv=693&tft=3&dd=0&wid=34023ff69163ec99&pid=0&proid=0&bc=FFFFFF&tc=000000&brd1=012B6B&lnk=135D9E&hc=FFFFFF&hfc=CC921E&btn=C99700&ww=200&wne=7&wh=Live+Traffic+Feed&hl=0&hlnks=0&hfce=0&srefs=1&hbars=0
File size: 30.98 KB
File MD5: b4bc497ac048511c19024da607e00859
-http://feedjit.com/serve/?vv=693&tft=3&dd=0&wid=34023ff69163ec99&pid=0&proid=0&bc=FFFFFF&tc=000000&brd1=012B6B&lnk=135D9E&hc=FFFFFF&hfc=CC921E&btn=C99700&ww=200&wne=7&wh=Live+Traffic+Feed&hl=0&hlnks=0&hfce=0&srefs=1&hbars=0 - Ok
Checking: -http://webcache.googleusercontent.com/search?q=cache:T5HDU4wqZo0J:www.adeiskandar.com/+http://www.adeiskandar.com&cd=1&hl=nl&ct=clnk&gl=nl&source=www.google.nl
Engine version: 5.0.2.3300
File size: 36.62 KB
File MD5: 4b69cd8f594e06e19f4b348ee41c8f6e
-http://webcache.googleusercontent.com/search?q=cache:T5HDU4wqZo0J:www.adeiskandar.com/+http://www.adeiskandar.com&cd=1&hl=nl&ct=clnk&gl=nl&source=www.google.nl - archive HTML
>-http://webcache.googleusercontent.com/search?q=cache:T5HDU4wqZo0J:www.adeiskandar.com/+http://www.adeiskandar.com&cd=1&hl=nl&ct=clnk&gl=nl&source=www.google.nl/Script.0 - Ok
>-http://webcache.googleusercontent.com/search?q=cache:T5HDU4wqZo0J:www.adeiskandar.com/+http://www.adeiskandar.com&cd=1&hl=nl&ct=clnk&gl=nl&source=www.google.nl/Script.1 - Ok
>-http://webcache.googleusercontent.com/search?q=cache:T5HDU4wqZo0J:www.adeiskandar.com/+http://www.adeiskandar.com&cd=1&hl=nl&ct=clnk&gl=nl&source=www.google.nl/Script.2 - Ok
>-http://webcache.googleusercontent.com/search?q=cache:T5HDU4wqZo0J:www.adeiskandar.com/+http://www.adeiskandar.com&cd=1&hl=nl&ct=clnk&gl=nl&source=www.google.nl/Script.3 - Ok
-http://webcache.googleusercontent.com/search?q=cache:T5HDU4wqZo0J:www.adeiskandar.com/+http://www.adeiskandar.com&cd=1&hl=nl&ct=clnk&gl=nl&source=www.google.nl - Ok
polonus