Hi,

I just accessed the home page at www.esyndicat.com (http://www.esyndicat.com) and got this warning from AVAST antivirus. Sign of "VBS:Malware-gen" has been found in "http://e.pepato.org/e/mdqt.php" file. You may want to look into it pretty quick.

Bugger....I hope my AV picks something up when I try this...


ok gave it a go no reports of anything malicious going on.... but will note

what exactly happened to you....what exactly were you doing

check this out first (http://forums.techguy.org/malware-removal-hijackthis-logs/624922-infected-vbs-malware-gen-win32.html)

and this one too (http://forum.avast.com/index.php?board=4;action=display;threadid=6104)

PS. I have been accessing that page all weekend no reports of anything, is your system software os etc completely upto date.

Hi,

I just accessed the home page at www.esyndicat.com (http://www.esyndicat.com) and got this warning from AVAST antivirus. Sign of "VBS:Malware-gen" has been found in "http://e.pepato.org/e/mdqt.php" file. You may want to look into it pretty quick.

The same - two day ago. And IE 7 tried to open outlook.exe.

Hi guys,
Thanks for your reports. Could you please post a screenshot? I have just downloaded the latest version of Avast just to check this. I also use Kaspersky and my antivirus DB is updated. I do not see any problem. Thanks in advance

Try http://e.pepato.org/e/mdqt.php - this is from my avast log (VBS:Malware-gen; 2008-02-03 10:56:03).

Like I've written before IE7 tried to open outlook.exe.

Yes, my Kaspersky also informs me about virus when I open that page. But I do not understand how it's related to eSyndiCat.com site

I don't know but - as you see - me and Darryl have been accessing eSyndiCat.com site some days ago and have the same symptom.

(( pretty strange.. Would you please make a screenshot if you ever have this problem again?

ok - sure :)

Thanks for the reporting. I found the source of the problem. We had some javascript on our pages and they were real virus. I have contacted our hosting providers and they made some changes in server configuration + I changed all our passwords.

Fine,

But has your site been hacked or someting like that? What is the reason? I hope your site is now more safe,

Good luck :)

Disable javascript on your clientside browser. This should not stop sites running javascript server side when you arrive on a site that uses javascript. So I think, to the best of my knowledge

I do not recommend to disable JS when you are on our sites. :( We have too many JS bells and whistles.. I have seen this kind of problem on several sites. I suppose it's more a problem of hosting rather than our site. I have contacted HFW team and they promised to investigate the problem.

Today your http://www.intelliants.com/ site tried to open http://e.pepato.org/e/mdqt.php and freezes my IE

So - try it, please

My av isn`t reporting a thing hell I also ran another top online av and no reports strange, will test the javascript thingy could of swore had it disabled the other day and everything was fine, page might have been cached.... hell wouldn`t have been first time I was wrong...lol mistakes the path to enlightenment.

keep forgetting I have 2 firewalls now...

Thanks zsoi3
Fixed on intelliants.com.. I have rechecked our sites today and no this error anymore.