Hi ! Nothing to do with typo3, but it may help - I've had a similar case with a customer :
A windows pc was infected and use a ftp connection with login/pass registered to uploads the worm on the server. Have a look at the ftp server logs if any and think changing passwords. Maxime Fauquemberg http://www.oblady.com Le lundi 12 janvier 2009 à 14:12 +0200, Dmitry Dulepov a écrit : > Hi! > > Asbjørn Morell wrote: > > When I open my homepage Avast antivirus gives me a warning: > > > > Access blocked to: > > whitebiz.vn > > wertionase.com > > > > I looked at the html source and there is some encrypted javascript at > > the bottom. (see below) This can't be good. I tried replacing the Typo3 > > dir with a fresh source and cleared backend and frontend case. Any ideas > > wgere this is coming from? The webserver is hosted at servage.com > > Check your templates, TS, etc. It definitely does not come from the core. > Most likely you have an easy BE password or bad file system permissions, or > 3rd party script that allows execution of the external files in server > context, etc. > > In other words, search for the security problems on the server. > > -- > Dmitry Dulepov > TYPO3 core team > > Mr. Harris: People say that you were the last person to speak with Jordon... > Is that true? > Cameron: I don't know. Are you asking me if people say I was the last person > to talk to Jordon? Or are you asking me if I was the last person > to talk to her? > Mr. Harris: I guess I'm asking if you were. > Cameron: I don't know. > _______________________________________________ > TYPO3-english mailing list > [email protected] > http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-english _______________________________________________ TYPO3-english mailing list [email protected] http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-english
