[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1785101118.20080114123448@SECURITY.NNOV.RU>
Date: Mon, 14 Jan 2008 12:34:48 +0300
From: 3APA3A <3APA3A@...URITY.NNOV.RU>
To: "crazy frog crazy frog" <i.m.crazy.frog@...il.com>
Cc: Untitled <full-disclosure@...ts.grok.org.uk>,
PenTest <pen-test@...urityfocus.com>, bugtraq@...urityfocus.com
Subject: Re: what is this?
Dear crazy frog crazy frog,
Clear your computer from trojan, change FTP password for you site
hosting access, because it's stolen, access your hosting account via
FTP and remove additional text (usually at the end of the file, after
</html>) from all HTML/PHP pages.
--Sunday, January 13, 2008, 7:01:34 PM, you wrote to full-disclosure@...ts.grok.org.uk:
cfcf> Hi,
cfcf> Recently on opening one of my site,my antivirus pops up saying that it
cfcf> has found on malicious script.the url is random and i have managed to
cfcf> get tht script.it is using some flaw in apple quick time.
cfcf> u can get the zip file for java script here:
cfcf> http://secgeeks.com/what.zip
cfcf> password is 12345
cfcf> can somebody guide/help me what is this and how can i remove it?
--
~/ZARAZA http://securityvulns.com/
Стреляя во второй раз, он искалечил постороннего. Посторонним был я. (Твен)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists