Results 1 to 7 of 7

Thread: Website - Virus Infected?!

  1. #1
    Senior Member
    Join Date
    Aug 2008
    Posts
    337
    Thanks
    3
    Thanked
    2 times in 2 posts

    Website - Virus Infected?!

    A colleague is visiting this website: http://www.mfcorp.ae *****WARNING - SUSPECT SITE******

    And Kaspersky doesn't like it, here's it's take on the issue:

    Event Detection of viruses, worms, Trojans, hack tools happened on computer XX in the domain XX at Mon Jul 20 10:44:27 2009 Malicious HTTP object <http://www.mfcorp.ae/>: detected Trojan program 'Trojan.JS.Pakes.bh'.
    Another person also tried the site and got the same. Now, we don't want to contact the firm (they are a customer) and say this if it's just some problem our end..

    So, is anyone willing to visit the site and see if they get similar warnings etc?

    I know this might be a big ask, but I figured some of you might have test beds for this kind of thing or something!?

    I tried Google Safe Browsing report and it came back clear.
    Last edited by peterb; 07-08-2009 at 10:33 PM. Reason: Remove hyperlink to suspected infected site - add warning

  2. #2
    Jay
    Jay is offline
    Gentlemen.. we're history Jay's Avatar
    Join Date
    Aug 2006
    Location
    Jita
    Posts
    8,365
    Thanks
    304
    Thanked
    568 times in 409 posts

    Re: Website - Virus Infected?!

    I get it as well. AVG
    □ΞVΞ□

  3. Received thanks from:

    oldskooladdict (20-07-2009)

  4. #3
    Senior Member
    Join Date
    Aug 2008
    Posts
    337
    Thanks
    3
    Thanked
    2 times in 2 posts

    Re: Website - Virus Infected?!

    Thanks Jay, I've told my colleague to inform the client of a potential problem.


  5. #4
    Senior Member
    Join Date
    Jul 2006
    Posts
    1,457
    Thanks
    33
    Thanked
    75 times in 71 posts

    Re: Website - Virus Infected?!

    I just tried, and got the same result.

  6. #5
    Senior Member
    Join Date
    Feb 2008
    Posts
    925
    Thanks
    4
    Thanked
    161 times in 148 posts
    • smargh's system
      • Motherboard:
      • Gigabyte GA-EP45-UD3P
      • CPU:
      • Xeon E5450 with 775-to-771 Mod
      • Memory:
      • 16GB Crucial
      • Storage:
      • Intel X25-M G2 80GB/Adaptec 3405 4x 2TB Ultrastar RAID1 / 1x 6TB Hitachi He6 / Dying 2TB Samsung
      • Graphics card(s):
      • GTX 750 Ti
      • PSU:
      • Seasonic X-560
      • Case:
      • Lian-Li PC-A71
      • Operating System:
      • Windows 7 Ultimate 64bit
      • Monitor(s):
      • BenQ G2400WD
      • Internet:
      • Really Crap ADSL2 <3Mbit

    Re: Website - Virus Infected?!

    Any Javascript which starts with $="Z6fpZ3dZ22Z2524Z253dZ2522dw(dc can't be good.

    [hopefully that string won't trigger AV...]

  7. #6
    Senior Member watercooled's Avatar
    Join Date
    Jan 2009
    Posts
    11,478
    Thanks
    1,541
    Thanked
    1,029 times in 872 posts

    Re: Website - Virus Infected?!

    You might want to edit your post to remove the link in case anyone without AV clicks it without reading what it is first.

  8. #7
    Late Night Ninja! CrazyMonkey's Avatar
    Join Date
    Oct 2006
    Location
    Bristol
    Posts
    1,510
    Thanks
    29
    Thanked
    44 times in 43 posts
    • CrazyMonkey's system
      • Motherboard:
      • Asus M4N98TD Evo
      • CPU:
      • Phenom II X6 1055T @ 4.1ghz
      • Memory:
      • 8GB DDR3 Dominator @ 1700mhz
      • Storage:
      • 120GB OCZ Vertex 2E - 1TB Hitatchi
      • Graphics card(s):
      • 2x 460 1GB
      • PSU:
      • 850W
      • Case:
      • Silverstone Fortress FT02R-WRI Ltd.Edition
      • Operating System:
      • Win 7, XP, Server2008 RC1, Gentoo
      • Monitor(s):
      • 24" Acer LED - 22" Belinea - 19" Samsung - 19" IIyama
      • Internet:
      • 50 MB Virgin Media Cable

    Re: Website - Virus Infected?!

    The AV is flagging the injected javascript at the bottom.

    You could run the script through FireBug to make it easier to read.

    I'd advise locking down the permissions on the folder/file (chmod 444). Make sure anonymous FTP is disabled, restore fresh copies of files effected from a local backup.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Zotac website has a virus?
    By handscombmp in forum General Discussion
    Replies: 3
    Last Post: 18-03-2009, 10:42 PM
  2. Automating Website Backup?
    By Aaron in forum Software
    Replies: 12
    Last Post: 31-08-2005, 01:55 PM
  3. Website / Name Purchasing and Hosting (Help)
    By muddyfox470 in forum Software
    Replies: 8
    Last Post: 08-07-2005, 03:27 PM
  4. Netskyb virus...
    By streetster in forum General Discussion
    Replies: 18
    Last Post: 10-03-2004, 04:00 PM
  5. The AOL virus :D
    By Alex in forum General Discussion
    Replies: 2
    Last Post: 07-02-2004, 04:10 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •