Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsOff topicSuspected virus on clients website


15 posts

Geek


Topic # 7381 10-Apr-2006 18:32
Send private message

Hi,
A web host client has had complaints that his website is infexted with some kind of virus. At this stage we don't even know if the complaint is about at trojan or some other vermin.

Is there any program that can be run from a remote location which tests a website for such infections? sort of a NAV for websites?

Thanks for any help.
Bruiser

Create new topic
BDFL - Memuneh
61812 posts

Uber Geek
+1 received by user: 12466

Administrator
Trusted
Geekzone
Lifetime subscriber

Reply # 32739 10-Apr-2006 19:54
Send private message

All programs will have to run locally - and be installed locally to run. Unless you have the AV installed on your machine, map the remote drive and run the scan. Probably really slow if it's a large machine, and not on the same (fast) network.




Backblaze cloud backup (personal and business) | Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure | Business Transformation | Enterprise Content Management | Customer Relationship Management | Sharesies investment fund



15 posts

Geek


  Reply # 32745 10-Apr-2006 20:28
Send private message

The "other machine" is a client's website which is hosted 800 k's from my office. I need to know if there is a way of determining whether his website has been infected by some means, and if so, what the infection is. I don't think re-mapping is the answer here?

Regards,
Bruiser

 
 
 
 


I iz your trusted friend
5811 posts

Uber Geek
+1 received by user: 140

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 32752 10-Apr-2006 21:42
Send private message

rinse, wash, and re rinse, and wash, and repeat.


my guess probably the infected files got uploaded to the site, and are linked in the webpages... best to remove all files, check through each file that will be uploaded at the development environment, scan with antivirus. then upload fresh new copy




Internet is my backyard...

 

«Geekzone blog: Tech 'n Chips Takeaway» «Personal blog: And then...»

 

Please read the Geekzone's FUG

 

BDFL - Memuneh
61812 posts

Uber Geek
+1 received by user: 12466

Administrator
Trusted
Geekzone
Lifetime subscriber

Reply # 32753 10-Apr-2006 21:45
Send private message

That's the most appropriate course of action. If you don't have an AV already installed, then assume the whole machine is compromised and simply start from the scratch, reloading OS and all files - and any database from the last backup, unless you can create a reliable database backup before starting the process.

Some worms (mainly in PHPBB forums apparently) can insert themselves into the code and then replicate from there.

Cleaning this may cost more in terms of time than simply recreating the servers.




Backblaze cloud backup (personal and business) | Geekzone broadband switch | Amazon (Geekzone aff) | MightyApe (Geekzone aff)

 

My technology disclosure | Business Transformation | Enterprise Content Management | Customer Relationship Management | Sharesies investment fund

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Geekzone Live »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.