Announcement

Collapse
No announcement yet.

Virus in my vB 3.8 website, considering upgrade to 4

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Virus in my vB 3.8 website, considering upgrade to 4

    Hi,

    Running vB3.8 on my site.

    Some members are getting warnings that a virus has contaminated by site. Some have gotten a "Windows update" virus, others mention an AVG "black hole exploit". Whatever it is, it's not good and I'm losing people.

    I think it's probably a hack or something made it's way into the code but I don't know enough to figure it out.

    Would upgrading to vB4 erase old files and overwrite potentially "hacked" code or should I delete all files and reinstall.

    I'm really puzzled here, don't know how to proceed.

    Thanks.

    Pharkas

  • #2
    Originally posted by pharkas View Post
    Hi,

    Running vB3.8 on my site.

    Some members are getting warnings that a virus has contaminated by site. Some have gotten a "Windows update" virus, others mention an AVG "black hole exploit". Whatever it is, it's not good and I'm losing people.

    I think it's probably a hack or something made it's way into the code but I don't know enough to figure it out.

    Would upgrading to vB4 erase old files and overwrite potentially "hacked" code or should I delete all files and reinstall.

    I'm really puzzled here, don't know how to proceed.

    Thanks.

    Pharkas
    You should do a check of your files and the db. Cehck also the server space for any file that shouldn't be there and contact your host to check their logs and see what happened.

    Comment


    • #3
      Thanks Borbole.

      Problem is that I have no idea which files should and shouldn't be there, and would not know what to look for in the DB.

      Any suggestions as to what I should be looking for ?

      Pharkas

      Comment


      • #4
        AdminCP -> Maintenance -> Diagnostics -> Suspect File Diagnostic.

        That will tell you if there are additional files or edited files in your vBulletin Folder.

        Comparing your templates to the default templates in the Style Manager would tell you if any of them have been edited. However it could be a false positive. It wouldn't be the first time with AVG.
        Translations provided by Google.

        Wayne Luke
        The Rabid Badger - a vBulletin Cloud demonstration site.
        vBulletin 5 API - Full / Mobile
        Vote for your favorite feature requests and the bugs you want to see fixed.

        Comment


        • #5
          Originally posted by Wayne Luke View Post
          AdminCP -> Maintenance -> Diagnostics -> Suspect File Diagnostic.
          It wouldn't be the first time with AVG.
          That is true. Avg is known to give bogus warnings.

          Comment


          • #6
            You should check your whole site (which includes your forum) for suspicious new files-folders.


            vB5 is unequivocally the best forum software, but not yet...

            Comment


            • #7
              check index.php and login.php files and look for <ifram in theme

              if you found it remove the code

              Comment

              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
              Working...
              X