Re: [BinusNet] (unknown)

Sun, 15 Nov 2009 19:18:24 -0800 

Tidak ada.

Utk yg vypress saya terpaksa memakai repair.

Utk yg excel 2000 enter dulu krn belom ada CD nya ^.^

Tq.


--- On Mon, 11/16/09, yanto chiang <[email protected]> wrote:

From: yanto chiang <[email protected]>
Subject: Re: [BinusNet]  (unknown)
To: [email protected]
Date: Monday, November 16, 2009, 9:51 AM







 



  


    
      
      
      Hi Aay,



Pada saat kamu install SMADAV, apakah ada informasi atau error notifikasi yang 
terjadi?



Thanks and Regards,



Yanto



____________ _________ _________ __

From: Aay Cosmas <aay_intermilan@ yahoo.com>

To: binus...@yahoogroup s.com

Sent: Monday, November 16, 2009 9:10:46

Subject: Re: [BinusNet]  (unknown)



Yanto Chiang, terima kasih atas infonya.



Akhirnya saya pake smadav.



Tapi anehnya setelah saya pake smadav, software excel & vypress tidak bisa 
dipake.



Ok. Tq.



--- On Wed, 11/11/09, yanto chiang <yanto_chiang@ yahoo.com> wrote:



From: yanto chiang <yanto_chiang@ yahoo.com>

Subject: Re: [BinusNet]  (unknown)

To: binus...@yahoogroup s.com

Date: Wednesday, November 11, 2009, 1:15 PM



HI Aay,



Berdasarkan referensi dari avast antivirus bahwa webpage ini telah terinfeksi 
oleh HTML:i-frame yang dimana script pada webpage HTML telah di injeksi oleh 
perintah, salah satu contohnya adalah sebagai berikut :



2.1 - Web page infection



Among the new features is the ability to infect Web pages on the



local machine. Whenever the file infector has an access to a file on



the hard drive, it checks whether the files is EXE, SCR, HTM, PHP, or



ASP, and then acts accordingly. For the PE files, the code discussed



above is used for the infection. For HTML pages, the virus actually



injects an iframe at the very end of the page:



NOTE: Just before the actual iframe code, we can see a string used



in the virus. This isn't added to Web pages, but to the host file.



Since the machine is already infected, the virus author doesn't want



the machine to be infected again, and therefore blocks access to the



malicious page with the host file modification.



(Source : http://securitylabs .websense. com/content/ Blogs/3300. aspx)



Sedangkan hasil scan kami menemukan :



Source code of submitted URL:



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional/ /EN">



<html>



<head>



<title>Send big files the easy way. Files too large for email attachments? No 
problem!</title>



<script language="JavaScrip t1.1" type="text/javascri pt">



<!--



location.replace( "http://hisoftdream. com");



//-->



</script>



<noscript>



</noscript>



</head>



<body>



Click here to download file



</body>



</html>



Source : http://jutaky. no-ip.org/ index.php? option=com_ content&task= 
view&id=19& Itemid=32



HTML:iFrame sendiri adalah sejini trojan yang dimana hacker melakukan injeksi 
baik melalui Webpage ataupun Email, dimana pada saat korban melakukan atau klik 
website tersebut, secara otomatis file injeksi itu akan terinstall di dalam 
PC/Notebook korban.



Jadi mohon untuk tetap berhati hati dalam melakukan aktifitas dalam dunia 
internet.



Proteksi diri Anda dengan tool antivirus ataupun anti rootkit ataupun anti 
malware yang benar benar bisa dihandalkan.



Jenis jenis i frame dapat dibaca di: http://www.avast. com/eng/search. 
php?searchFor= iframe&fnc= search〈=ENG&x=0&y=0



Thanks and Regards,



Yanto



____________ _________ _________ __



From: Aay Cosmas <aay_intermilan@ yahoo.com>



To: binus...@yahoogroup s.com



Sent: Tuesday, November 10, 2009 10:33:51



Subject: Re: [BinusNet]  (unknown)



apakah ini virus ?



kalo yg sudah terlanjur klik link-nya gimana ya ?



Cara mengatasi virus ini gimana ya ?



Thanks



--- On Mon, 11/9/09, HILARIUS JANUARFIAN <hillbi...@yahoo. com> wrote:



From: HILARIUS JANUARFIAN <hillbi...@yahoo. com>



Subject: [BinusNet]  (unknown)



To: to=val_hendri@ yahoo.com, thomas_...@yahoo. com, aidah...@yahoo. com, 
bpkm_...@yahoogroup s.com, ka...@realta. net, beloved_niken@ yahoo.com, 
tunj...@ftr. co.id, andr...@sentral- sistem.com, Ita_godilove@ yahoo.com, 
TemuKeluarga@ yahoogroups. com, binus...@yahoogroup s.com



Date: Monday, November 9, 2009, 11:17 AM



http://taquarigas. com.br/swCgi9csY 4.html



[Non-text portions of this message have been removed]



New Email addresses available on Yahoo!



Get the Email name you&#39;ve always wanted on the new @ymail and @rocketmail. 



Hurry before someone else does!



http://mail. promotions. yahoo.com/ newdomains/ aa/



[Non-text portions of this message have been removed]



[Non-text portions of this message have been removed]



New Email addresses available on Yahoo!

Get the Email name you&#39;ve always wanted on the new @ymail and @rocketmail. 

Hurry before someone else does!

http://mail. promotions. yahoo.com/ newdomains/ aa/



[Non-text portions of this message have been removed]





    
     

    
    


 



  






      

[Non-text portions of this message have been removed]

Kirim email ke