my friend's website shows it contains virus

hxxp://www.perl-resume.com

Please see the attached image

Does anyone of you get a virus waring when you visit the above site ?

It is a false alarm or is it a genuine virus ?

Shanthi

INFECTED - see attached screen shot

Malware entry: MW:JS:160 - http://sucuri.net/malware/malware-entry-mwjs160

Metascan - http://metascan-online.com/results.cgi?uid=oyoewmsekncmdt90utegoqlx1nl1mayy

kill that link (make it hxxp , and tell your friend to post himself ;D

Killing ??

I informed my friend and he deleted virus but how to make sure it does not happen again

please test again

http://www.perl-resume.com

Norman lab confirms infected

Already detected as JS/Blacole.AE

EDIT seems sucuri result is Cached so may take some time to change…Sucuri now also say clean :wink:

Metascan now say clean
http://metascan-online.com/results.cgi?uid=x1i6k5ye93f9n7klana5qaqn239h7o2g

so the most common way for this virus to happen is to steal ftp passwords OR hack the server directly and gain access ?

Shanthi

Generally the most common way is the site being hacked due to old versions of content management software being vulnerable and exploited (like, PHP, WordPress, etc.). o the site webmaster/host has to keep the software up to date.

Also see, Tips for Cleaning & Securing Your Website, http://www.stopbadware.org/home/security.

Also see, Help: I Got Hacked. Now What Do I Do? http://technet.microsoft.com/de-de/library/cc512587(en-us).aspx.

Hi Zhanti!
Just saw the tread. I have several websites in the same hosting account, and 2 days ago they all got infected somehow with the exact malware your friend had with his website (mwjs160). I spent all day long yesterday trying to resolve the problem not to avail.
I’ve seen that your friend deleted the virus within a day. Can you ask him how he did that please? I am getting really desperate now.

Thanks.

I've seen that your friend deleted the virus within a day. Can you ask him how he did that please? I am getting really desperate now.
Have you tried this http://sucuri.net/signup

Information for Website Owners
http://stopbadware.org/home/webmasters

Tips for Cleaning & Securing Your Website
http://stopbadware.org/home/security

That’s very useful information thanks.
I am still very curious about how the guy removed that malware from his site. Will be good to see if he didn’t have to pay that much to delete it.

Will be good to see if he didn't have to pay that much to delete it.
90$ for a year....including monitoring every 6 hours....is that expencive ?

All sorted now. I contacted my hosting provider and hey resolved the problem for me. Thanks for your help. :wink: