I'm an ASP developer, running my own websites on a Virtual Server thats runs under Windows 2008 Server + Plesk 11.0.9
Recently, a malicious script with a 1px iframe > was added to several .html pages.
I have downloaded the Kaspersky AVZ Tool, and the result is that the virus write itself inside several Plesk DLLs.
I suspect it comes from an SQL injection on Plesk.
I need someone with Plesk and Windows Server 2008 knowledge able to secure the "hole" + and make security adjustments , in order to avoid future attack.
If necessary, I am planning to set up the Kaspersky Anti-Virus for Windows Servers Enterprise.
I think i'm close, but stuck at the moment!
I can furnish:
- A Link to download Kaspersky AVZ Removal Tool. It also gives a lot of informations that you will be useful for you in this mission
- A Link to Kaspersky Anti-Virus for Windows Servers Enterprise + a 30 day license that i need to test. I will buy a license once the server is secured.
- An example of a corrupted .html file
- The name of some corrupted .dll files the virus replicates in.