[Owasp-Malaysia] Malware Detected!

Mohd Syamsuri msyamsuri at gmail.com
Tue Feb 8 04:07:40 EST 2011


can you point...
my index.htm or indexsedc.php or other file?

On Tue, Feb 8, 2011 at 4:19 PM, Adnan bin Mohd Shukor <
adnan.shukor at gmail.com> wrote:

> you have iframe pointed to
> asfiuweof.co.cc/QQkFBg0AAQ0MBA0DEkcJBQYNAgAGBQUBDA==
>
> which is not xss :)
>
> >From my personal point of view, its either caused by:
> 1) malware on pc which has been used for ftp/access to the server
> 2) compromised server
>
> you can send your access.log to cyber999 at cybersecurity.my or
> mycert at mycert.org.my for further analysis :)
>
> thanks
>
> On 8 February 2011 16:00, Mohd Syamsuri <msyamsuri at gmail.com> wrote:
> > I have check it.
> > On Tue, Feb 8, 2011 at 3:49 PM, Rasta Boy <rastaboyz at gmail.com> wrote:
> >>
> >> Hi Mohd Symsuri,
> >>
> >> Why dont you check on the reason why its being blocked, it might help.
> >>
> >>
> >>
> http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http://www.pkink.gov.my/
> >>
> >>
> >>
> http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=AS:4788
> >>
> >> Regards,
> >> Kishur
> >>
> >>
> >>
> >> On Tue, Feb 8, 2011 at 3:19 PM, Mohd Syamsuri <msyamsuri at gmail.com>
> wrote:
> >>>
> >>> Assalamualikum and Good day for my fellow friends.
> >>> I need some advise.
> >>> Web site Perbadanan kemajuan Iktisad Negeri Kelantan
> >>> (http://www.pkink.gov.my) have been blocked by Google for almost 4
> days.
> >>> It said that we host malware on our server Malware Detected! ( Google
> >>> said that!!)
> >>> What i did is..
> >>> 1. Scan all the data and upload a new data
> >>> 2. Check the index.html or index.php
> >>> 3. Scan using web scanner using
> >>> http://www.avgthreatlabs.com/
> >>> http://www.virustotal.com
> >>> but still get block..
> >>> Googel said Suspected injected code
> >>> <FRAME SRC="http://www2.pkink.gov.my/indexsedc.php" NAME="confcontent"
> >>> scrolling=yes >
> >>> I have using this code for almost 2 years
> >>> What should i do now?
> >>>
> >>> --
> >>> best regard
> >>> syamsuri
> >>>
> >>>
> >>>
> >>> _______________________________________________
> >>> Owasp-Malaysia mailing list
> >>> Owasp-Malaysia at lists.owasp.org
> >>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> >>>
> >>> OWASP Malaysia Wiki
> >>> http://www.owasp.org/index.php/Malaysia
> >>>
> >>> OWASP Malaysia Wiki Facebook
> >>>
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
> >>
> >>
> >> _______________________________________________
> >> Owasp-Malaysia mailing list
> >> Owasp-Malaysia at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> >>
> >> OWASP Malaysia Wiki
> >> http://www.owasp.org/index.php/Malaysia
> >>
> >> OWASP Malaysia Wiki Facebook
> >> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
> >
> >
> >
> > --
> > best regard
> > syamsuri
> >
> >
> >
> > _______________________________________________
> > Owasp-Malaysia mailing list
> > Owasp-Malaysia at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> >
> > OWASP Malaysia Wiki
> > http://www.owasp.org/index.php/Malaysia
> >
> > OWASP Malaysia Wiki Facebook
> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
> >
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>



-- 
best regard
syamsuri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20110208/712f7800/attachment-0001.html 


More information about the Owasp-Malaysia mailing list