Results 1 to 3 of 3

Thread: Problem about Soft antivirus

  1. #1
    Join Date
    Jan 2015
    new york
    Rep Power

    Problem about Soft antivirus

    Hello everyone!
    Had a few of my patrons over the past 2-3 days report they were experiencing a TROJAN when visiting my website.

    One reported they were using AVG, but my McAfee software did not pick up on what AVG reported as Exploit_c.VHO. Ironically, I could not find any mention of that instance of Exploit_c nor any mention of that trojan family on the McAfee or Norton websites. Seems like only AVG is flagging it.

    Would hope and expect POWWEB uses some pretty good AV software on their servers, so am curious if anyone knows where in the OPS panel you can locate the results of such nightly virus scans, especially if your site is infected. Would go along way to helping webmasters track down problems.

    About the only information I could find on the Exploit trojan was associated with SWF files, of which I have about four on the website as banner advertisements. A couple were definitely not matching up to original files so deleted and replaced them with original files. Have asked the users who reported the problem to retest and let me know what they find. Also ran a compare to all the other files on the website, but found nothing out of the ordinary for other non-SWF files.

    Would be grateful if any of the moderators or users in the Community have any words of wisdom on the subject, as well as know what POWWEB uses for AV software and if customer can get those nightly reports on the health of their directories and files.


  2. #2
    Join Date
    May 2002
    Minneapolis, MN
    Rep Power
    Hosting services generally don't do routine scans of hosting accounts for malware, and Powweb is no exception. They go to great lengths to protect their servers, but it's up to you as the webmaster to keep your own site secure.

    You have a great advantage in tracking down the problem because it looks like you've already found it:
    Quote Originally Posted by macbookpro View Post
    A couple were definitely not matching up to original files so deleted and replaced them with original files.
    .swf files have been targets of hacking over the years, and it looks like someone may have found some vulnerable scripts on your site. But simply restoring the original files may not be enough to protect your site or your users. You should check with the service that provides you with those files to see if any updates are available. If not, I would strongly recommend that you remove them until you have completely resolved the issue. You need to know how these files were compromised in the first place. Was it through a vulnerability in the files themselves or is there a broader security problem on your website or your own computer.

    In the meantime, I'd recommend that you read Google's article on what to do when your site's been hacked. You should also scan your own computer with a different program than your current anti-virus software in order to get a "second opinion" on possible infections. I recommend Malwarebytes Anti-Malware. Run this software before you change any passwords for your site and before you take any actions on the site itself!

    Good luck!
    Rick Trethewey

  3. #3
    PowWeb Staff
    Join Date
    Jun 2012
    Rep Power
    Hi macbookpro,
    We do backend scans based off of knowledge of exploits out there and will inform the account admin if there is any infected content found. Not all accounts are selected for scanning daily as we do not want to cause stress on the servers. Accounts that meet certain criteria to possibly have known exploits are scanned first. If there is anything suspicious noticed by the system, our team, or yours, then we will scan as well. Please create a ticket stating a visitor is receiving a virus warning and our team can scan as a courtesy. We also offer the option to purchase SiteLock as an addon to your account, which will scan your account for you and alert you to issues. Here is further info:
    Technical Support

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts