Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted May 31, 201311 yr Hi, I'm in trouble with a site that has a troyan attack I have no idea what to do, what not to tod and how to do, or not do it, so i'll have to pay somebody to do it. Is there anybody around with some spare time, and that wouldn't mind doing it for some $ (hopefully not too much?)
May 31, 201311 yr Author ok.. i'm probably going to bed anyway (its 1am here) so maybe get in touch tomorrow? i've downloaded all the files, and my avast is going crazy! it has already put over 100 files in guaranty!
May 31, 201311 yr Did you try contacting Gary. here on the board? Just send him a PM or email: http://community.invisionpower.com/user/137679-gary/ He is not only a guru at optimizing a server running Invision software, but he knows a lot about security as well. He is in the UK BTW. Comes highly recommended! Warm regards, Wim
June 1, 201311 yr fwiw it was this http://labs.sucuri.net/db/malware/mw-redirection121?v4 from a infected htaccess file in root (not /forum) from a leftover wordpress install . deleted files, locking down permissions and monitoring.
June 1, 201311 yr this all started from a wordpress issue. signatures. posts, tons of stuff (1200 files in cache/tmp) infected. cleaned up the files but the database is balking and its 1and1 which is so out of date is a travesty. importing db backup (taken before I did anything) to get it running. where 1and1 only allowed 1 database there was a wordpress and ip setup on the database. just matter of manually going through every table it looks like LOL
June 1, 201311 yr today I remembered why I detest 1and1 servers. ended up having to move hosts just so I could work the database. had 2500 or so bad files in cache folder. this WAS the base64_decode issue too. board had been updated regularly so not sure when it happened. I could not determine when the default.php file was first created.
Archived
This topic is now archived and is closed to further replies.