Malicious content on my site

smotsie · Post by **smotsie** » Wed Dec 16, 2009 12:53 pm

Hi guys,

I wonder if anyone can help with a problem I have had. I got a report from my hosting company that there was some malicious content on my site which was being used for phishing attacks.

My site is running the latest CMSMS, plus a copy of the latest Wordpress in a subdirectory. The hosting company reported that the malicious content was in an exe file (but my host is Linux) and a bunch of other files in CMSMS directories:

html/.smart/
html/includes.php
html/modules/FileManager/postlet/.npe
html/modules/FileManager/postlet/.ssh/

They cannot say when the content got uploaded, or via what mechanism.

So, my real question is how can I do a completely clean installation which then duplicates my existing site? I want to zap all files and only put back those which must be there... I can then use the Validation routines to ensure I start with a clean site. I did a mysql backup and clean install on another system, but the mysql had problems (Â characters instead of unicode) and I really don't want to have to clean all that up! Does anyone have a step-by-step how-to of backup and restore, possibly to a mysql server with different default settings?

TIA

Smotsie

jmcgin51 · Post by **jmcgin51** » Thu Dec 17, 2009 2:32 am

this is covered in the documentation, as well as in dozens of threads here in the forum

replytomk3 · Post by **replytomk3** » Thu Dec 17, 2009 4:59 am

jmcgin51 wrote: this is covered in the documentation, as well as in dozens of threads here in the forum

Like in my signature

CMS Made Simple Forums

Malicious content on my site

Malicious content on my site

Re: Malicious content on my site

Re: Malicious content on my site