[RESOLVED] Finding a trojan horse
Results 1 to 5 of 5

Thread: [RESOLVED] Finding a trojan horse

  1. #1
    Senior Member
    Join Date
    Jan 2009
    Location
    CA
    Posts
    257

    resolved [RESOLVED] Finding a trojan horse

    I have a user who claims that his virus protection program alerted him to a trojan horse in one of my programs that he tried to access. I checked the file names that he should have come in contact with and everything looks okay on the server. I've never had a complaint like this and I am not sure how to hunt it down. Any advice?

    Thanks,
    robkir

  2. #2
    Administrator
    Join Date
    Nov 2011
    Location
    Dallas, TX
    Posts
    117
    Try to scan with the same app they used.

  3. #3
    High Energy Magic Dept. NogDog's Avatar
    Join Date
    Aug 2006
    Location
    Ankh-Morpork
    Posts
    13,943
    I would think it's not likely to be your PHP code itself, but some file that the browser is being instructed to load (image, javascript file, etc.), which might include any 3rd party advertisements you display on your site.
    Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be." ~ from Nation, by Terry Pratchett

    "But the main reason that any programmer learning any new language thinks the new language is SO much better than the old one is because hes a better programmer now!" ~ http://www.oreillynet.com/ruby/blog/...ck_to_p_1.html


    eBookworm.us

  4. #4
    Senior Member
    Join Date
    Jan 2009
    Location
    CA
    Posts
    257
    Mystery solved... I installed Google's Re-Captcha three days ago, to try to insure that spammers couldn't feed a bunch of spam on my program's initial 'set up account' email request. Apparently the bad guys broke into Re-Captcha and installed HTML: Bankfraud ZG. The fix? I pulled the plug on the Re-Captcha. The various security programs seem to be aware of it...and, since I keep a log, only a handful of people were at risk. I've learned my lesson.

  5. #5
    Settled 4 red convertible dalecosp's Avatar
    Join Date
    Jul 2002
    Location
    Accelerating Windows at 9.81 m/s....
    Posts
    7,715
    Glad to hear it! Please consider marking this thread as RESOLVED ;-) :-)
    /!!\ mysql_ is deprecated --- don't use it! Tell your hosting company you will switch if they don't upgrade! /!!!\ ereg() is deprecated --- don't use it!

    dalecosp "God doesn't play dice." --- Einstein "Perl is hardly a paragon of beautiful syntax." --- Weedpacket

    Getting Help at All --- Collected Solutions to Common Problems --- Debugging 101 --- Unanswered Posts --- OMBE: Office Machines, Business Equipment

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •