|
Page 1 of 2
|
Nvidia2012
Joined: July 2009
Posts: 28
Location:
|
Forum Virus
Hello friends, this time I have the following little problem ... this is my forum that virus entered him a few weeks ago, after I transferred files hosting and got brand new ... not infected, but this day turned to infect my forum ... the virus is an iframe.
The truth that is a problem that tene me crazy, I hope to get some I can do and to resolve
Use the Version Icy Phoenix 1.3.0.53
My Forum website is: http://foro.mu-trujillo.net
|
#1 Wed 18 Nov, 2009 21:47 |
|
Sponsors
|
Icy Phoenix is an open source project, you can show your appreciation and support future development by donating to the project.
|
|
Yros
Joined: April 2009
Posts: 283
Location:
|
Re: Forum Virus
Your site is considered as dangerous by google / firefox . . .
Anyway, did you AT LEAST tried to remove EVERY files and upload new ones ? If one of your file has been infected, it should clear the problem. Just reupload the site.
Also take a look to this topic. It may help you.
|
#2 Wed 18 Nov, 2009 21:52 |
|
Nvidia2012
Joined: July 2009
Posts: 28
Location:
|
Re: Forum Virus
Your site is considered as dangerous by google / firefox . . .
Anyway, did you AT LEAST tried to remove EVERY files and upload new ones ? If one of your file has been infected, it should clear the problem. Just reupload the site.
Also take a look to this topic. It may help you.
Hello, just came back up files completely new, even let my hosting totally empty but after a few days re-infect, was thinking that maybe there is someone behind this.
|
#3 Thu 19 Nov, 2009 02:09 |
|
KasLimon
Joined: November 2006
Posts: 494
Location: Madrid (Spain)
|
Re: Forum Virus
I can access just fine...
Google considers the sites dangerous when you have some virus or when you try to fraud people... It's not usual a normal website to be considered dangerous... Anyway, I think there's always a link saying "I am the webmaster, this is an error" or something like that, so you can try to make them to delete the warning.
Greets!
____________ Gabriel Anca
|
#4 Thu 19 Nov, 2009 09:44 |
|
spydie
Joined: December 2008
Posts: 1796
Location: In the Boxes
|
Re: Forum Virus
You should recheck all publicity placed by you on your site.
Google considers many anounces , that donĀ“t come from itself ( google) as dangerous.
For example ( www.amigos.com)
____________ Out of Order
|
#5 Thu 19 Nov, 2009 16:59 |
|
Yros
Joined: April 2009
Posts: 283
Location:
|
Re: Forum Virus
It seems to be fixed, isn't it ?
|
#6 Thu 19 Nov, 2009 17:04 |
|
spydie
Joined: December 2008
Posts: 1796
Location: In the Boxes
|
Re: Forum Virus
Problem is . Once in the google Black-list. you stay there for about 90 days.
____________ Out of Order
|
#7 Thu 19 Nov, 2009 23:45 |
|
Nvidia2012
Joined: July 2009
Posts: 28
Location:
|
Re: Forum Virus
Hi, the problem is caused by a virus (iframe) and obviously when you have a virus on your website google website marks you as dangerous, the problem is how the virus infects my Forum is a big issue to me .... the only thing I do to fix it is delete everything and upload again ... but that's not a real solution because it is not infecting the Forum, sometimes the virus leaves you blank the forum as I now step ...
I hope you can help me thanks!
|
#8 Sat 21 Nov, 2009 23:24 |
|
spydie
Joined: December 2008
Posts: 1796
Location: In the Boxes
|
Re: Forum Virus
If you know where this comes from. you can try to block it out by ht.access file
____________ Out of Order
|
#9 Sat 21 Nov, 2009 23:56 |
|
Nvidia2012
Joined: July 2009
Posts: 28
Location:
|
Re: Forum Virus
The virus is the following script ...
http://bumin.org/buminbbc_yuntan/test.php
Help Please !!
|
#10 Mon 23 Nov, 2009 15:32 |
|
Nvidia2012
Joined: July 2009
Posts: 28
Location:
|
Re: Forum Virus
Script Virus View
Help Please
|
#11 Sat 28 Nov, 2009 03:40 |
|
novice programmer
Joined: June 2007
Posts: 1030
Location:
|
Re: Forum Virus
hey spydie, I await you do not mind me hijacking "your thread".
nvidia2012, have you tried to scan your computer with an up-to-date antirootkit, antivirus and antispyware (all of them, BTW, that is the preferent order of scanning)?
If you do not have one or any of these kind of products, there are some of them available on the net for free for your installation lifetime (and with very good quality, BTW). You can PM me if you want and I will gladly make you know some of them.
BTW, do not relay on panda's cloud AV. It does not actually scan the files, while applying the full "scan" meaning.
If you are sure the virus is not on your computer, neither the server's files, try getting a full backup of all your icy tables in the DB, and find the string that is the virus url. I do recomend partial searches...
I recommend looking for:
bumin.org
buminbbc_yuntan
test.php
|
#12 Sat 28 Nov, 2009 18:52 |
|
Mighty Gorgon
Luca Libralato
Joined: August 2006
Posts: 7191
Location: Borgo San Michele
|
Re: Forum Virus
Are you sure your hosting service is secure?
Some injections have been recently develepod to exploit some security holes in hosting services.
____________ Luca
SEARCH is the quickest way to get support.
Icy Phoenix ColorizeIt - CustomIcy - HON
|
#13 Sat 28 Nov, 2009 20:40 |
|
novice programmer
Joined: June 2007
Posts: 1030
Location:
|
Re: Forum Virus
Are you sure your hosting service is secure?
Some injections have been recently develepod to exploit some security holes in hosting services.
That is totally true, but I think we should first think around the posibility that the user had his own DB/scripts exploited, as long as he reports he has changed the hosting and the problem still persists.
But, in order to discard that, could you say us:
-If you are on a shared hosting, a VPS or a dedicated server?
-If you have any other server side software that is out-of-date, and therefore it cold be exploited, causing the problem?
-If you know any other users in your hosting service that could have the same problem of yours?
Please, note that if you are on a free hosting you could have migrated from a hoster to any of their resellers, or perhaps on the reverse way....
BTW, remember to review your CHMOD for all your files when you get rid of this nasty thing. It is the first common error among non-profesional developers (in which I must include myself, I am just an amateur....).
|
#14 Sun 29 Nov, 2009 15:37 |
|
Nvidia2012
Joined: July 2009
Posts: 28
Location:
|
Re: Forum Virus
Hello.
I have reviewed the tables and the database and there is no sql injections or malicious code...
|
#15 Sat 05 Dec, 2009 02:35 |
|
|
Page 1 of 2
|
Was this topic useful?
Was this topic useful?
Link this topic |
URL |
|
BBCode |
|
HTML |
|
You cannot post new topics You cannot reply to topics You cannot edit your posts You cannot delete your posts You cannot vote in polls You cannot attach files You can download files You cannot post calendar events
|
|
|
|