Virus on my site, HELP
-
-
- Foekie_t
- Jr. Rocketeer
- Posts: 26
- Thanks: 0
-
Hi,
Can someone help me with this, as I can't identify what is wrong and how it's done. This is my own dedicated server, so I can't ask anybody from the host
.
Someone is uploading files to my server, or editing the files in some way... The files seem OK, but the last lines are some kind of code... a virus is added to it ( code starting with: /*km0ae9gr6m*/try{q=documen ). kaspersky gives next alert: Trojen-downloader.JS.Expack.sn
How can I stop this, How can I analyse what is wrong and how it's done ?? The files which are edited, are inside plugins and modules... Not just 1 place... Can ANYBODY help me with this please. Is this something inside the template ? A module... ? Webserver ? mysql injection ??
Thanks in advance..
Foekie
-
-
-
- prim
- Preeminent Rocketeer
- Posts: 17290
- Thanks: 217
- Maybe this helps: serverfault.com/questions/400160/got-a-m...ipt-files-how-do-i-f
- Please reply with a direct link to the issue & create a new thread for each new issue.
A template is only as good as the content that goes into it
- DanG
-
-
-
- prim
- Preeminent Rocketeer
- Posts: 17290
- Thanks: 217
- Also, if you have access to the server then maybe ClamAV or similar could help clean up the mess. Have you asked your webhost for help?
- Please reply with a direct link to the issue & create a new thread for each new issue.
A template is only as good as the content that goes into it - DanG
-
-
-
- Foekie_t
- Jr. Rocketeer
- Posts: 26
- Thanks: 0
-
Hi,
It's a dedicated server, so I am the webhost ).
I will check the 2nd post... what I have done, at first, delete all files which where compromised
Updated all extensions from ftp...
changed the passwd's...
how this will help
Thanks.
-
Time to create page: 0.071 seconds