This would have nothing to do with virus scans, it would have more to do with how you code and how you secure your scripts.
Thanks for your replies.
it seems I posted in wrong section.I was looking for security section.
My server is linux.server manager scanned and found 12 infected files with trojan virus.they deleted them.
I think I have to contact programmer of my websites to
find holes and fix them.but unfortunately I have disconnected with him from 4 years ago.
97.55 % of my users are on my forum that is VB .I asked vb about this issue they said :
As far as I know there are no known injection vulnerabilities within VB 3.8.x series. If your server was compromised by VB you will need to open a support ticket accordingly. Most likely however this is a server issue and you Will need to contact your hosting provider for assistance
Do you do regular software updates for the whole server?
I can tell you right now that it's possibly ANYTHING, including your server software itself, even PHP itself that's possibly vulnerable so I wouldn't focus too much on just one script.
I wouldn't waste time trying to fix an existing box as you may never find some root kits.
In the end, having done this a time or two, you're probably going to spend more time cleaning an existing box and messing around than simply moving and still may not fix it entirely unless you reformat and reload from scratch.
I'd have a new server provisioned ASAP and migrate to it and upgrade PHP scripts and whatever else you have installed as part of the migration process.
Otherwise you might just get hacked over and over and...
server manager says:
...I have installed AVG Malware scanner for linux and not able to detect any vulnerable files.Please understand that it is not the hacker/attacker who inserted the codes. The developer "coding style" is vulnerable. When we go for cheap plugins or themes, we are not caring for coding style that is causing such vulnerabilities. The vulnerability means that it is open to such website cross scripting or some other type of attacks...
But my problem is I have disconnected with the developer from 4 years ago and I don`t know what I must do to fix the bad codes...
You either need learn the software you use or to find someone who does and fix it. As of this:
|As far as I know there are no known injection vulnerabilities within VB 3.8.x series. |
It talks about the stock version. Most webmasters will customize sites one way or another, install extensions, add new code or entire applications in the same folder etc. So don't rely on it.
Thank you enigma1
The developer of my site don`t want to fix this issue.it seems
I have to find another one for this issue. I myself don`t know
anything about programing .