WordPress.org

Ready to get started?Download WordPress

Forums

Backdoor:PHP/SimpleShell.A (2 posts)

  1. tarzan_055
    Member
    Posted 4 months ago #

    Dear All,
    i appreciate your help in this matter. i am running wordpress for a while now (2 years) and everything is going well. lately someone is trying to drop a trojan on my server and he is keeping on trying everyday 10 to 20 times but my anti-virus is catching the trojan everytime. i get this info

    Name: Backdoor:PHP/SimpleShell.A
    ID: 2147684280
    Severity: Severe
    Category: Backdoor
    Path: file:_C:\WINDOWS\Temp\phpF0.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF2.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF4.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF6.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF8.tmp->[PHP];file:_C:\WINDOWS\Temp\phpFA.tmp->[PHP]
    Detection Origin: Local machine
    Detection Type: Concrete
    Detection Source: Real-Time Protection
    User: servername\IUSR_servername
    Process Name: C:\Program Files\PHP\php-cgi.exe

    while he/she fails in dropping the trojan but i am afraid he will secceed one day. any help in protecting my server or tracking the user is appreciated.

    BR

  2. tarzan_055
    Member
    Posted 4 months ago #

    Gents,
    adding to the above text i found out that disable file upload on PHP will stop the tries of attack.
    any help.

Reply

You must log in to post.

About this Topic