Viruses

If your Server is running on linux and you forbid to upload EXE files, the possibility is small...

EXE files on Linux server? Linux is not Windows.
However, if you believe what someone may try to upload malicious files, you can always scan writable PHPFusion directories for malicious files using my script:
http://www.phpfusion-mods.com/forum/v...ad_id=8187

Yes, as VIRUS stated the biggest chance to get malware on your server is through allowing file typed other then images, pgf, zip, rar. RAR and ZIP are kinda of dangerous because hackers have figured out a way to unpack those on a server and infect the system.

If your site is affected in the same way as with the hidden spam panel, then it is also possible that they inject a link to a trojan horse, malware, or whatever (or an iframe with that link). It is not hosted on your own server but uploaded to the visitors computer through your website from another server.

I am an admin on www.poolwales.co.uk and have just installed avast anti-virus and keep getting alerts of malicious files or a virus in HTML:Iframe-inf ...any ideas how to resolve this?????

And i have this problem with virus at php fusion HTML:Iframe
But i dot no how to repaired ( delete ).

your site have been infected, check if all directories have an index.php your database prefix is DIFRENT from fusion_ and replace all files with new and change passwords admin/mysql

@simonb33 and lklk : Well anti-virus probably tells you which file, post content of that file here...

now i have another error at database :
query SQL:

-- -- Contenu de la table fusion_usaadmin -- INSERT INTO fusion_usaadmin (admin_id, admin_rights, admin_image, admin_title, admin_link, admin_page) VALUES (1, 'AD', 'admins.gif', 'Administrators', 'administrators.php', 2), (2, 'AC', 'article_cats.gif', 'Article Categories', 'article_cats.php', 1), (3, 'A', 'articles.gif', 'Articles', 'articles.php', 1), (4, 'B', 'blacklist.gif', 'Blacklist', 'blacklist.php', 2), (5, 'C', '', 'Comments', 'reserved', 2), (6, 'CP', 'c-pages.gif', 'Custom Pages', 'custom_pages.php', 1), (7, 'DB', 'db_backup.gif', 'Database Backup', 'db_backup.php', 3), (8, 'DC', 'dl_cats.gif', 'Download Categories', 'download_cats.php', 1), (9, 'D', 'dl.gif', 'Downloads', 'downloads.php', 1), (10, 'FQ', 'faq.gif', 'FAQs', 'faq.php', 1), (11, 'F', 'forums.gif', 'Forums', 'forums.php', 1), (12, 'IM', 'images.gif', 'Images', 'images.php', 1), (13, 'I', 'infusions.gif', 'Infusions', 'infusions.php', 3), (14, 'IP', '', 'Infusion Panels', 'reserved',[...]

Mesazh nga MySQL:

#1062 - Duplicate entry '1' for key 1

Hello
I have upgrade PHPFusion I 6:01:13 at 6:01:18 but I have a virus.
SQL bckup have managed to successfully import

But the virus how to wean?

HTML/Infected.WebPage.Gen - Malware See also
Summary Full description Statistics

How would you rate this information?
Worthless Excellent




Virus: HTML/Infected.WebPage.Gen
Date discovered: 14/08/2007
Type: Trojan
In the wild: Yes
Reported Infections: Low
Distribution Potential: Low
Damage Potential: Low
Static file: No
Engine version: 7.04.01.62

Special detection HTML/Infected.WebPage.Gen

Description:
A common attack against the web infrastructure can be the infection of harmless web pages. Some malware changes every HTML file stored on the disc and adds a link (very often an IFrame) to a site hosting malicious code. Other attacks can aim for the web servers and try to insert forwarding to the pages hosted there. The owner of these pages is advised to take them offline. Fix the hole (either on his own PC or on the server), check the pages for infections, clean them and go online again. Infected Web Pages often contain additional Iframe, Object or Script Tags. The Script Tags often contain encrypted Code.

Version history:
The following engine updates were released in order to enhance detection:

• 7.04.01.62 ( 14/08/2007 )
• 7.06.00.40 ( 07/12/2007 )
• 7.06.00.84 ( 10/04/2008 )
• 7.08.00.58 ( 19/06/2008 )
• 7.08.00.64 ( 02/07/2008 )
• 7.09.00.26 ( 05/11/2008 )
• 7.09.00.30 ( 11/11/2008 )
• 7.09.00.41 ( 04/12/2008 )
• 7.09.00.60 ( 22/01/2009 )
• 7.09.00.70 ( 30/01/2009 )
• 7.09.00.74 ( 04/02/2009 )
• 7.09.00.76 ( 06/02/2009 )
• 7.09.00.93 ( 26/02/2009 )
• 7.09.00.114 ( 12/03/2009 )
• 7.09.00.120 ( 18/03/2009 )
• 7.09.00.129 ( 26/03/2009 )
• 7.09.00.138 ( 03/04/2009 )
• 7.09.00.155 ( 23/04/2009 )

I have chosen the problem.
Virus was to / files / index.php
Now is any thing in the regulations.

If you want to be sure you found all HTML/Infected.WebPage.Gen you can use this script to create 'checkpoint file' in File Changes Scan. Now if something happens you can simply upload 'checkpoint file' and you will find out about all changes happen with files.