Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: what is this?
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Mon, 14 Jan 2008 12:34:48 +0300

Dear crazy frog crazy frog,

  Clear  your  computer  from  trojan,  change FTP password for you site
  hosting  access,  because it's stolen, access your hosting account via
  FTP  and remove additional text (usually at the end of the file, after
  </html>) from all HTML/PHP pages.

--Sunday, January 13, 2008, 7:01:34 PM, you wrote to full-disclosure () lists grok org uk:

cfcf> Hi,

cfcf> Recently on opening one of my site,my antivirus pops up saying that it
cfcf> has found on malicious script.the url is random and i have managed to
cfcf> get tht script.it is using some flaw in apple quick time.
cfcf> u can get the zip file for java script here:
cfcf> http://secgeeks.com/what.zip
cfcf> password is 12345
cfcf> can somebody guide/help me what is this and how can i remove it?



-- 
~/ZARAZA http://securityvulns.com/
Стреляя во второй раз, он искалечил постороннего. Посторонним был я. (Твен)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]