SMF Support > SMF 2.0.x Support

Nasty, Hidden Virus on Simple Machines

<< < (2/14) > >>

slumdog10:
I had a problem with someone hacking my server, they got into all my sites and infected all my files in each site. In the end my hosting account had to be reset fully to how it was when I first got it. You may have to delete all files on your server. If you have more than one site you should check all the other sites. You should change your FTP passwords and see if that helps.

ApplianceJunk:

--- Quote from: slumdog10 on October 07, 2011, 04:27:41 PM ---I had a problem with someone hacking my server, they got into all my sites and infected all my files in each site. In the end my hosting account had to be reset fully to how it was when I first got it. You may have to delete all files on your server. If you have more than one site you should check all the other sites. You should change your FTP passwords and see if that helps.

--- End quote ---

Who is your host?

ziycon:
You could have a 'true' virus like and installer or a rootkit, they can be quit nasty to remove, have a look at installing and running the below, there all free amd can be removed after words.

AVG Free - Anti Virus if you dont already have one
Spybot - Anti spyware
Malwarebytes - Anti spyware

You should always use a few programs as one alone never removes everything, keep track of the names of anything the fix/heal or remove.

Flavious:
Thanks everyone..

So we do have AVG and I believe another software scanning for stuff, and it comes up with nothing.

This is on a dedicated server, and there is no other sites on the box then this one.

Got an email this AM that one of my users software is detecting last week the site had "MBR viruses"  and now he says his  "Anti-Malware is catching a Fakesysdef trojan and the PDFjsc.rm exploit virus on every visit." Worse, he says his virus software started popping up *After* I upgraded simple machines to 2.0. ?


How can that be if the software we have on the server says it is clean?

The host is asmallorange.com.

I went through the site and deleted any files and folders that are not being used, and looked through a lot of code, but not all of it... and I don't see anything.

Illori:
you have managed hosting? ask your host to take a look into the issue that is why you are paying them.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version