any user that uses my site is reporting Trojan-Spy.HTML.Fraud.gen
if they have kaspersky and the only things running really is SMF on the server and its all fresh install :| apart from the DB.
i've tryed to check the server TCPDUMP for any Js files that are coming in and out and only found google urchin one thats it any one else any good ideas to help find and detect if my server has been comprimised AGAIN.
its a fresh build of centos 5
if they have kaspersky and the only things running really is SMF on the server and its all fresh install :| apart from the DB.
i've tryed to check the server TCPDUMP for any Js files that are coming in and out and only found google urchin one thats it any one else any good ideas to help find and detect if my server has been comprimised AGAIN.
its a fresh build of centos 5
thank god