Icy Phoenix

     
 


Post new topic  Reply to topic 
Page 1 of 2
Goto page 1, 2  Next
 
Reply with quote Download Post 
Post Forum Virus 
 
Hello friends, this time I have the following little problem ... this is my forum that virus entered him a few weeks ago, after I transferred files hosting and got brand new ... not infected, but this day turned to infect my forum ... the virus is an iframe.

The truth that is a problem that tene me crazy, I hope to get some I can do and to resolve

Use the Version Icy Phoenix 1.3.0.53

My Forum website is: http://foro.mu-trujillo.net
 



 
Nvidia2012Send private messageVisit poster's website  
Back to topPage bottom
Icy Phoenix is an open source project, you can show your appreciation and support future development by donating to the project.

Support us
 
Reply with quote Download Post 
Post Re: Forum Virus 
 
Your site is considered as dangerous by google / firefox . . .
Anyway, did you AT LEAST tried to remove EVERY files and upload new ones ? If one of your file has been infected, it should clear the problem. Just reupload the site.

Also take a look to this topic. It may help you.
 



 
YrosSend private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
Yros wrote: [View Post]
Your site is considered as dangerous by google / firefox . . .
Anyway, did you AT LEAST tried to remove EVERY files and upload new ones ? If one of your file has been infected, it should clear the problem. Just reupload the site.

Also take a look to this topic. It may help you.


Hello, just came back up files completely new, even let my hosting totally empty but after a few days re-infect, was thinking that maybe there is someone behind this.
 



 
Nvidia2012Send private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
I can access just fine...

Google considers the sites dangerous when you have some virus or when you try to fraud people... It's not usual a normal website to be considered dangerous... Anyway, I think there's always a link saying "I am the webmaster, this is an error" or something like that, so you can try to make them to delete the warning.

Greets!
 




____________
Gabriel Anca
 
KasLimonSend private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
You should recheck all publicity placed by you on your site.

Google considers many anounces , that donĀ“t come from itself ( google) as dangerous.

For example ( www.amigos.com)
 




____________
Out of Order
 
spydieSend private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
It seems to be fixed, isn't it ?
 



 
YrosSend private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
Problem is . Once in the google Black-list. you stay there for about 90 days.
 




____________
Out of Order
 
spydieSend private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
Hi, the problem is caused by a virus (iframe) and obviously when you have a virus on your website google website marks you as dangerous, the problem is how the virus infects my Forum is a big issue to me .... the only thing I do to fix it is delete everything and upload again ... but that's not a real solution because it is not infecting the Forum, sometimes the virus leaves you blank the forum as I now step ...

I hope you can help me thanks!
 



 
Nvidia2012Send private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
If you know where this comes from. you can try to block it out by ht.access file
 




____________
Out of Order
 
spydieSend private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
The virus is the following script ...

Code: [Download] [Hide] [Select]
http://bumin.org/buminbbc_yuntan/test.php


Help Please !!  
 



 
Nvidia2012Send private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
Script Virus View

untitled

Help Please    
 



 
Nvidia2012Send private messageVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
hey spydie, I await you do not mind me hijacking "your thread".

nvidia2012, have you tried to scan your computer with an up-to-date antirootkit, antivirus and antispyware (all of them, BTW, that is the preferent order of scanning)?

If you do not have one or any of these kind of products, there are some of them available on the net for free for your installation lifetime (and with very good quality, BTW). You can PM me if you want and I will gladly make you know some of them.

BTW, do not relay on panda's cloud AV. It does not actually scan the files, while applying the full "scan" meaning.

If you are sure the virus is not on your computer, neither the server's files, try getting a full backup of all your icy tables in the DB, and find the string that is the virus url. I do recomend partial searches...

I recommend looking for:

Code: [Download] [Hide] [Select]
bumin.org
buminbbc_yuntan
test.php

 



 
novice programmerSend private message  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
Are you sure your hosting service is secure?

Some injections have been recently develepod to exploit some security holes in hosting services.
 




____________
Luca
SEARCH is the quickest way to get support.
Icy Phoenix ColorizeIt - CustomIcy - HON
 
Mighty GorgonSend private messageSend e-mail to userVisit poster's website  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
Mighty Gorgon wrote: [View Post]
Are you sure your hosting service is secure?

Some injections have been recently develepod to exploit some security holes in hosting services.


That is totally true, but I think we should first think around the posibility that the user had his own DB/scripts exploited, as long as he reports he has changed the hosting and the problem still persists.

But, in order to discard that, could you say us:

-If you are on a shared hosting, a VPS or a dedicated server?
-If you have any other server side software that is out-of-date, and therefore it cold be exploited, causing the problem?
-If you know any other users in your hosting service that could have the same problem of yours?

Please, note that if you are on a free hosting you could have migrated from a hoster to any of their resellers, or perhaps on the reverse way....

BTW, remember to review your CHMOD for all your files when you get rid of this nasty thing. It is the first common error among non-profesional developers (in which I must include myself, I am just an amateur....).
 



 
novice programmerSend private message  
Back to topPage bottom
Reply with quote Download Post 
Post Re: Forum Virus 
 
Hello.

I have reviewed the tables and the database and there is no sql injections or malicious code...  
 



 
Nvidia2012Send private messageVisit poster's website  
Back to topPage bottom
Post new topic  Reply to topic  Page 1 of 2
Goto page 1, 2  Next


Display posts from previous:    

HideWas this topic useful?

Link this topic
URL
BBCode
HTML




 
Permissions List
You cannot post new topics
You cannot reply to topics
You cannot edit your posts
You cannot delete your posts
You cannot vote in polls
You cannot attach files
You can download files
You cannot post calendar events


  

 

  cron