Backdoor:PHP/SimpleShell.A | WordPress.org

tarzan_055
(@tarzan_055)

10 years, 1 month ago

Dear All,
i appreciate your help in this matter. i am running wordpress for a while now (2 years) and everything is going well. lately someone is trying to drop a trojan on my server and he is keeping on trying everyday 10 to 20 times but my anti-virus is catching the trojan everytime. i get this info

Name: Backdoor:PHP/SimpleShell.A
ID: 2147684280
Severity: Severe
Category: Backdoor
Path: file:_C:\WINDOWS\Temp\phpF0.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF2.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF4.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF6.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF8.tmp->[PHP];file:_C:\WINDOWS\Temp\phpFA.tmp->[PHP]
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
User: servername\IUSR_servername
Process Name: C:\Program Files\PHP\php-cgi.exe

while he/she fails in dropping the trojan but i am afraid he will secceed one day. any help in protecting my server or tracking the user is appreciated.

BR

Viewing 1 replies (of 1 total)

Thread Starter tarzan_055
(@tarzan_055)

10 years ago

Gents,
adding to the above text i found out that disable file upload on PHP will stop the tries of attack.
any help.

Viewing 1 replies (of 1 total)

The topic ‘Backdoor:PHP/SimpleShell.A’ is closed to new replies.

Tags

In: Fixing WordPress
1 reply
1 participant
Last reply from: tarzan_055
Last activity: 10 years ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics