Results 1 to 4 of 4
  1. #1
    Join Date
    Sep 2007
    Posts
    32

    a virus on a Linus server

    Hey,

    I have a huge problem, and have no idea how to solve it.

    There's supposed to be a virus on one of my server (called "cdpuvbhfzz"). Anyone has any idea on how to remove it? What software to install, what do do next. Also, is transferring an infected account on a different machine is also transferring a virus?

    I am on CentOS 5, using cPanel.

    I will be very thankful for help.

    Vicky

  2. #2
    Hi Vicky,

    It's not a virus as such. Somebody has hacked in to your website and updated your website files. They've probably got in through a known bug in some of the applications you have on there, perhaps you have a bulletin-board system, or, an image gallery etc.

    Do you have a backup of the site, that would be easiest way to clean up the mess. You'll also need to upgrade your applications to the latest versions, perhaps if you could post more information about your server and the software and we might able to work out where the attack occured.

    If you move the account, the PHP pages will still be modified so this won't help.

    Hope this helps

    Andrew

  3. #3
    Join Date
    Feb 2004
    Location
    UK
    Posts
    1,429
    Hi

    You also may want to consider installing and running a check root kit script.

    this will look in the most common places and identify any nasty scripts that maybe lurking around.

    Thanks

  4. #4
    Join Date
    Nov 2001
    Location
    Philadelphia, Pa
    Posts
    949
    IIRC 'cdpuvbhfzz' is just a sql exploit that inserts an iframe. Your server most likely doesn't have a root compromise.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •