Quote:
|
Originally Posted by Vox
Yeah webair won't really help you out if your box has been comprimised.
Here's a little suggestion to see what is running in the background:
I'm pressuming this malicious script is being called by a cron job so log in by ssh with your root password and type in crontab -l
See what is running in the background, if there is nothing then it's time to call in a security expert and have the whole box scanned.
|
If I still remember ok, it was a local PC virus that attached a VB line on top. Lotsa sites had that, google for the names I gave, the virus is like 6 months old at least, maybe older. As long as its on your local PC, itll infect your files everytime you FTP.