Solved

Determining if my website is infected with "Remote Data Services" trojan or keylogger

Posted on 2007-04-03
2
5,526 Views
Last Modified: 2013-11-22
I have a forum running on phpBB hosted by a commercial hosting company.  Suddenly, my users are beginning to complain that they are getting trojan virus warnings when accessing the site.  Other users are indicating that they are getting the following pop-up in IE asking to install an applet:

"Remote Data Services Data Control" from "Microsoft Corporation"

I have contacted the site host, and they claim that their server is clean.  Everything I've dug up on this indicates it is some remote control trojan, or javascript based keylogger.

My question is, I need to analyze this website for the presence of a virus and prove that it is infected (if it is).

How would I go about this?

*V*
0
Comment
Question by:vossupport
2 Comments
 
LVL 1

Expert Comment

by:inuyasharules
ID: 18846119
one way to do it would be to disable all firewalls and antivirus/spyware programs and surf the site for a while, then turn everything back on and do a complete scan. id recommend doing this on a spare computer so you dont put your main computer at risk of a comprimise
0
 
LVL 3

Accepted Solution

by:
OMonge earned 500 total points
ID: 19145291
Hello,

Sometimes, malicious code is embedded on the site (the one you're browsing), you can look at the source code of that site and check if it contains it and let the owners know. Another thing to take into consideration, most of the times, viruses/trojans try to fool the user around by making 'em believe that something is missing. Pay attention to it.

Regards,
OMonge.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
svg file 10 104
EICAR File 5 72
How to install a renewed SSL certificate on Windows 2012 server 7 92
Gpora virus - GPO  lockdown on RDS/TS server 6 26
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Read about achieving the basic levels of HRIS security in the workplace.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question