Support Forums

Grebogreen · 04-14-2008, 04:09 PM

I've had my site suspended at present as my hosting provider has found a trojan "my_photos.exe"
I know for sure I have not intensionaly uploaded it. Is there anyway it could have been uploaded through a php file? What is the most likely way this trojan has got there?

***Eric Barnes*** · 04-14-2008, 04:27 PM

There could be all sorts of ways. It could be through a php script, by someone gaining access through ftp, a security hole, etc, etc.

Are you running anything besides 68 Classifieds?

Grebogreen · 04-14-2008, 05:05 PM

The only other thing on site is "myadserver". Whats the best way to protect from this happening again as I don't even know how it got there.

Lhotch · 04-14-2008, 05:11 PM

Quote:

Originally Posted by Grebogreen

Whats the best way to protect from this happening again as I don't even know how it got there.

Thats not something that can really be answered here. There are people whose sole responsibility it is to secure systems and its a career for them so explaining it on a forum isnt practical or realistic.

On a side note, there is a new virus going around called kraken, pretty mean from what I hear but like most it usually is passed off as an attachement to e-mail and makes people think its an image and before ya know it they click it.

Do you have any e-mail addresses on your server? Perhaps it was attached to an e-mail and sent to you and that triggered them to shut you down. Id talk to you host to see where they found the file because that will at least give you some idea of how it may have gotten on your site.

04-14-2008, 04:09 PM	#1
Grebogreen Member Join Date: Apr 2007 Posts: 65 Rep Power: 11	TROJAN found on my site I've had my site suspended at present as my hosting provider has found a trojan "my_photos.exe" I know for sure I have not intensionaly uploaded it. Is there anyway it could have been uploaded through a php file? What is the most likely way this trojan has got there? __________________ Thanks Mike @ Horsemania v3.1.7 Designer

04-14-2008, 04:27 PM	#2
*Eric Barnes* 68 Classifieds Staff Join Date: Mar 2006 Location: Belmont, NC Posts: 5,130 Rep Power: 118	There could be all sorts of ways. It could be through a php script, by someone gaining access through ftp, a security hole, etc, etc. Are you running anything besides 68 Classifieds? __________________ Eric Barnes 68 Classifieds Developer Please do not send me a private message asking for support. Instead use these open forums or our ticket system. Customer Area \| Issue Tracker \| Documentation \| 68C Mods \| Submit a Ticket \| 68 @ Twitter \| My Modules

04-14-2008, 05:05 PM	#3
Grebogreen Member Join Date: Apr 2007 Posts: 65 Rep Power: 11	The only other thing on site is "myadserver". Whats the best way to protect from this happening again as I don't even know how it got there. __________________ Thanks Mike @ Horsemania v3.1.7 Designer

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Copying a site , same domain	Greg H	v3.1 Questions & Support	3	02-19-2008 09:25 AM
Demo site getting ridiculously high rankings???	Maffo	v3.1 Modules & Modifications	13	01-09-2008 04:28 PM
RSS site sync.	Lhotch	v3.1 Modules & Modifications	2	01-02-2008 02:10 PM
Site Review Please	VanWertAds*com	v3.1 Suggestions and Feedback	4	09-20-2007 06:45 PM
Making a 'seller' sale without the site being officially open	Chaslie	Site Marketing	5	05-11-2006 09:57 AM