Avast Detecting Virus - Wordpress Using timthumb.php

Hello,

For a week now, Avast has been detecting a few viruses when opening my website xxx .urbangirl.fr

Here are the links of the viruses:

ad.nce.name/in.cgi?2
pop.mylinkclub.com/in.cgi?2
and one more that I don’t remember.

I’ve done a check with wepawet: http://wepawet.iseclab.org/view.php?hash=0c773baef63d906146632380d29a27d9&t=1319436678&type=js

It’s detecting a redirection from http://ad.amiadrugaddict.info/in.cgi?2 to http://us.yimg.com/i/s/

Since I saw this problem, I’ve updated timthumb.php to the new version and also deleted the external allowed sites in this request: $ALLOWED_SITES = array ();

I’ve searched each of my files for encrypted text or links but found nothing. Where could the problem be?

Thank you for helping me :slight_smile:

Here are the links of the viruses:

ad.nce.name/in.cgi?2
pop.mylinkclub.com/in.cgi?2
and one more that I don’t remember.


http://www.virustotal.com/url-scan/report.html?id=ca9530eb957df93c08f35fa88369c57b-1319433036
http://www.virustotal.com/url-scan/report.html?id=94b54ba17a62c4aef208d02a4ebdd70b-1319433091

when opening my website www.urbangirl.fr
http://www.virustotal.com/file-scan/report.html?id=4b0d7ea7ebcf518230df5029860ce7fe750c8f35e06f009c46fe04b36f0b8423-1319440666

sucuri says:

http://sucuri.net/malware/malware-entry-mwjs221

sucuri:

web site: hxxp://www.urbangirl.fr/

status: Site infected with malware
web trust: Not Blacklisted

Thanks for the report, but what do we have to do to stop those viruses?

Your site is infected with JavaScript malware…

Search your site for any inline scripts… Sucuri says it is something like this:

Known javascript malware.
Details:
http://sucuri.net/malware/malware-entry-mwjs221

Malware found on javascript file:
hxxp://www.urbangirl.fr/wp-content/plugins/g-lock-double-opt-in-manager/js/glock2.min.js
[Note: hxxp so that it is unclickable]
Try tracing this JS file… :slight_smile:

Hi mmmm,

But you also have to make that link non-click-through in your reply 3. The unaware could click on it and get infected when they have no protection installed.
See: http://urlquery.net/queued.php?id=5946

That IP 213dot186dot33dot19 is pumping malware of all sorts: Zeus, Koobface, Banker, Dorkbot, all sorts of Trojans, well, quite a selection.
Domain has 3050 blacklisted URLs:
…malicious URLs? Yes
…badware? Yes
…botnet C&C servers? Yes
…exploit servers? Yes
…Zeus botnet servers? Yes
…Current Events? Yes
…phishing servers? Yes
…spam servers? No
…spam bots? Yes
…spam activity? Yes
There is “buzzea_init();^/script^” malware there,

polonus

I found the line to delete in this file.

Buzzea is not a malware, it’s a tracking script for a SEO agency.

What do you mean when you say that (sorry, I’m not English :) What do I have to do?:

But you also have to make that link non-click-through in your reply 3. The unaware could click on it and get infected when they have no protection installed. See: http://urlquery.net/queued.php?id=5946
When posting links that may go to malware, you break the link so it is not clickable, like this:

http as hxxp / www as wxw, or just remove the http/www like this: urlquery.net/queued.php?id=5946. Now you can’t click it by accident :wink:

That message from Polonus was to mmmm

OOOoo sorry, I understand now :slight_smile: So no more things to do now that I have deleted the line that contains the virus in the .JS?

For a week now, Avast has been detecting a few viruses when opening my website xxx .urbangirl.fr

Norman lab says infected

Detection is added for the malicious HTML Page . urbangirl.fr.htm : Processed - HTML/Iframe.OF
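
One way to run the file search suggested in the thread over a local copy of the site, as an added example that is not from any poster or from the scanners quoted above: it flags the `in.cgi?N` redirector pattern seen in the reported URLs and any iframe or script tag loading from a host outside an allowlist. The hosts and file names in the demo are constructed placeholders, and the function names and allowlist parameter are assumptions.

```python
import os
import re
import tempfile

# Indicator taken from the thread: every reported redirector URL ends in "/in.cgi?<n>".
REDIRECTOR = re.compile(r"(?:https?:)?//([\w.-]+)/in\.cgi\?\d+", re.I)
# Any <iframe>/<script> tag with an absolute src; its host is checked against the allowlist.
REMOTE_TAG = re.compile(r"<(iframe|script)\b[^>]*\bsrc\s*=\s*[\"']?(?:https?:)?//([\w.-]+)", re.I)
SCAN_EXT = (".js", ".php", ".html", ".htm")


def scan_tree(root, allowed_hosts):
    """Return sorted (relative_path, line_no, reason, host) findings under root."""
    allowed = {h.lower() for h in allowed_hosts}
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(SCAN_EXT):
                continue
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            # errors="replace": tampered files are not always valid UTF-8.
            with open(path, encoding="utf-8", errors="replace") as fh:
                for no, line in enumerate(fh, 1):
                    for m in REDIRECTOR.finditer(line):
                        findings.append((rel, no, "in.cgi redirector", m.group(1).lower()))
                    for m in REMOTE_TAG.finditer(line):
                        host = m.group(2).lower()
                        if host not in allowed:
                            findings.append((rel, no, "remote " + m.group(1).lower(), host))
    return sorted(findings)


def demo():
    """Build a constructed sample tree (placeholder hosts) and scan it."""
    with tempfile.TemporaryDirectory() as root:
        js_dir = os.path.join(root, "wp-content", "plugins", "sample", "js")
        os.makedirs(js_dir)
        with open(os.path.join(js_dir, "sample.min.js"), "w") as fh:
            fh.write("function a(){return 1}\n")
            fh.write('document.write(\'<iframe src="http://redirector.example/in.cgi?2"></iframe>\');\n')
        with open(os.path.join(root, "index.php"), "w") as fh:
            fh.write('<script src="//cdn.mysite.example/app.js"></script>\n')
        return scan_tree(root, allowed_hosts={"cdn.mysite.example"})


if __name__ == "__main__":
    for finding in demo():
        print(*finding, sep="\t")
```

A plain-text match like this only finds injections stored in clear text; a clean result does not show that the files are clean.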