- Posts: 6332
- Thank you received: 315
Thanks to Darragh
- michaeloconnell
- Offline
- Administrator
Less
More
14 years 11 months ago #83293
by michaeloconnell
Replied by michaeloconnell on topic Re:Thanks to Darragh
Same thing happened my PC at work.
There is a particularly bad virus going round since before Chirstmas.
Apparently it can enbed itself in such a way that it just can't be removed without physically removing the hard drive from the PC and putting it in as a secondary hard drive on another computer and scanning it then.
A real pain!
I see that boards.ie and UKAI were also hit.
There is a particularly bad virus going round since before Chirstmas.
Apparently it can enbed itself in such a way that it just can't be removed without physically removing the hard drive from the PC and putting it in as a secondary hard drive on another computer and scanning it then.
A real pain!
I see that boards.ie and UKAI were also hit.
Please Log in or Create an account to join the conversation.
- darragh
- Offline
- Administrator
Less
More
- Posts: 563
- Thank you received: 27
14 years 11 months ago #83299
by darragh
Replied by darragh on topic Re:Thanks to Darragh
PhilipLardner wrote:
Hi Darragh,
Any idea of how the IFAS site (and which bits) got infected? How did you track down and remove the infection? I'm running a Joomla site www.ihpa.ie and am wondering if it has the same vulnerability. I use an automatic backup module JoomlaPack 2.1 to back up the entire site monthly. I guess I could always roll back to the last clean instance and suffer the losses in the forum threads.
Any advice appreciated,
Phil.[/quote]
Phil,
Just make sure to tie down file permissions on your joomla so that very few if any files can be written to.
The Trojan horse only affects file, not the database where all the threads are kept.
It is best to do nightly backups of the database which I do, but I wasn't backing up the Joomla files
Darragh
Hi Darragh,
Any idea of how the IFAS site (and which bits) got infected? How did you track down and remove the infection? I'm running a Joomla site www.ihpa.ie and am wondering if it has the same vulnerability. I use an automatic backup module JoomlaPack 2.1 to back up the entire site monthly. I guess I could always roll back to the last clean instance and suffer the losses in the forum threads.
Any advice appreciated,
Phil.[/quote]
Phil,
Just make sure to tie down file permissions on your joomla so that very few if any files can be written to.
The Trojan horse only affects file, not the database where all the threads are kept.
It is best to do nightly backups of the database which I do, but I wasn't backing up the Joomla files
Darragh
Please Log in or Create an account to join the conversation.
- dave_lillis
- Offline
- Super Giant
14 years 11 months ago #83305
by dave_lillis
Dave L. on facebook , See my images in flickr
Chairman. Shannonside Astronomy Club (Limerick)
Carrying around my 20" obsession is going to kill me,
but what a way to go.
+ 12"LX200, MK67, Meade2045, 4"refractor
Replied by dave_lillis on topic Re:Thanks to Darragh
Frank,
Download AVG, it stopped the infection in its tracks for me, I had it already installed, dont know if it'll install on an already infected machine.
Download AVG, it stopped the infection in its tracks for me, I had it already installed, dont know if it'll install on an already infected machine.
Dave L. on facebook , See my images in flickr
Chairman. Shannonside Astronomy Club (Limerick)
Carrying around my 20" obsession is going to kill me,
but what a way to go.
+ 12"LX200, MK67, Meade2045, 4"refractor
Please Log in or Create an account to join the conversation.
- Mike
- Offline
- Main Sequence
Less
More
- Posts: 485
- Thank you received: 87
14 years 11 months ago #83306
by Mike
I83 Cherryvalley Observatory
After one look at this planet any visitor from outer space would say; "I WANT TO SEE THE MANAGER".
Replied by Mike on topic Re:Thanks to Darragh
Hi Dave
I would also recommend AVG, it’s really excellent. Just update your AVG database from the internet and you’re PC is well protected. Thanks to Darragh indeed, IFAS website is essential for the Irish astronomical community, glad to see it back in action again.
Best wishes and clear skies
Mike
I would also recommend AVG, it’s really excellent. Just update your AVG database from the internet and you’re PC is well protected. Thanks to Darragh indeed, IFAS website is essential for the Irish astronomical community, glad to see it back in action again.
Best wishes and clear skies
Mike
I83 Cherryvalley Observatory
After one look at this planet any visitor from outer space would say; "I WANT TO SEE THE MANAGER".
Please Log in or Create an account to join the conversation.
- Derek Davey
- Offline
- Main Sequence
Less
More
- Posts: 120
- Thank you received: 31
14 years 11 months ago #83317
by Derek Davey
Replied by Derek Davey on topic Re:Thanks to Darragh
well done to Darragh and team for fixing the problem,
klear skysB)
klear skysB)
Please Log in or Create an account to join the conversation.
- Calibos
- Offline
- Red Giant
Less
More
- Posts: 785
- Thank you received: 14
14 years 11 months ago #83318
by Calibos
Keith D.
16" Meade Lightbridge Truss Dobsonian with Servocat Tracking/GOTO
Ethos 3.7sx,6,8,10,13,17,21mm
Nagler 31mm
Replied by Calibos on topic Re:Thanks to Darragh
Just got another avg alert when I came to this site.
It reads as follows:
Avg Alert
Accessed File is infected
Threat was blocked
File name: ask-com.ya.ru.nu-nl.cobalttrueblue.ru:8080/index.php?sc
Threat name: Exploit Javascript Obfuscation (type 894)
It reads as follows:
Avg Alert
Accessed File is infected
Threat was blocked
File name: ask-com.ya.ru.nu-nl.cobalttrueblue.ru:8080/index.php?sc
Threat name: Exploit Javascript Obfuscation (type 894)
Keith D.
16" Meade Lightbridge Truss Dobsonian with Servocat Tracking/GOTO
Ethos 3.7sx,6,8,10,13,17,21mm
Nagler 31mm
Please Log in or Create an account to join the conversation.
Time to create page: 0.121 seconds