Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible virus of some sort on my website?


  • Please log in to reply

#1
Jimbobwoo

Jimbobwoo

    New Member

  • Member
  • Pip
  • 9 posts
Hi All,

Please be patient with me....just call me a newb....and as many responses are welcome but try not to get too techie....

OK....I bought a website from a developer back at the end of 2009, but due to work commitments I have only really just been able to work on it and actually learn how it all works....and hands down to you people....its a minefield and I seem to be stepping on all the mines so far....

The issue that this message is regarding is I think products seem to disappear from my site and show as 'Out of stock' within my admin side of the site, but they are actually in stock when I check with the supplier.

I get emails that just don't make sense...here is just one sample of one....

From: tijqjvn <kjtuga@xtiqka.com>

Message: DD9Sn4 _a href="hxxp://aajcscupwkak.com/"_aajcscupwkak_/a_, defciwvwwxpu, ocxizpulmvcs, hxxp://wlqprxtkzfcg.com/

These various messages get sent through from my contact tab on website.

Has there been a known virus that deletes products from a site or would put a product out of stock??

I know it all sounds a bit strange, but I'm scratching my head as to what it could be.

Many thanks for taking the time to read this message.
  • 0

Advertisements


#2
Jimbobwoo

Jimbobwoo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
I should just say after reading my message, the actual example of the email message I posted, hasn't actually come out the way it had been sent.

Cheers
  • 0

#3
Jimbobwoo

Jimbobwoo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Might need some guidence here....am I posting this in the wrong place to get answers on my subject???
  • 0

#4
Jimbobwoo

Jimbobwoo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
OK....maybe I should explain a little more about how the site works but I feel I may get an answer of "..you need to check your script because something might be wrong with that'....and I get very lost there....anyway...lets try...

Details: OSCommerce site. MySQL. PHP

The stock get imported from my supplier by XML feed. This operates by me pressing an update tab within the admin side of the site. New products get imported, stock levels change, products that go out of stock come off the live site and sit in admin side of side until it comes back into stock....etc etc....

The reason for asking the first question was because that I have been noticing less and less products actually live on my site. Also I noticed that some products don't seem to be coming over.

Just as an example, I noticed a new product had gone off my live site, which I knew had only gone on there a couple of days beforehand...when checking in the admin side, I noticed that it had gone out of stock...but when checking the suppliers site, it is still in stock, but it is not updating my site.

Now with this and with me noticing that over the months, less and less products seem to be going on my site, I obviously come to the conclusion that something is going wrong.

I know absolutely nothing about script writing so would not know even where to start there....hence I have added 1 and 1 and probably come up with 3 1/2 with the thought of maybe it is a virus/bug/needle in a haystack kind of thing and possibly the dodgy emails might have something to do with it.

Once again...and advice or help would be much appreciated.

JW
  • 0

#5
sari

sari

    GeekU Admin

  • Administrator
  • 20,960 posts
  • MVP
Jimbobwoo,

Normally, we wouldn't allow any virus questions outside the malware forum, but that forum is designed to help people with viruses on their computers, not on a website. Unfortunately, I don't really have an answer to your question, although I feel the two issues - the odd emails through the contact form and the disappearing stock - are unrelated. We have gotten similar sorts of emails here, although it usually seems to come through our Report button, and I think that is just an attempt to spread something malicious by hoping that someone will click on the links. The other issue sounds more like a programming issue or communications issue, but that's something outside of my realm. I've disabled the links in your original post, so just no one clicks on them accidentally. I'll ask around and see if any one can help out with this question - we do have some people who lurk on the site who know something about this side of things.

sari
  • 1

#6
Jimbobwoo

Jimbobwoo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Hi Sari,

Many many thanks for your response and apoligies for writing my issue on here, but as you said, it is an issue with my site rather than my computer and I wasn't sure where eles to put it.

As I kind of hinted, I also think the email issue is something different to the stock issue.

I would really appreciate it if you did know anyone that has any ideas to my stock issue and maybe pass them over here.

I think it must be a script issue where it grabs the information. This was only placed on the site around 12-18 months ago. I found a really good guy from Amsterdam, but have lost contact with him. He made up the script and changed various bits and pieces to my liking.

I am at the point of me wanting to start to promote the site and hopefully start to earn from it, but I don't really want to do this if there is actually a problem with the site.

I look forward to your response when you have time.

Many thanks again :thumbsup:
  • 0

#7
Jimbobwoo

Jimbobwoo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Hi Sari

Have you had any joy??
  • 0

#8
admin

admin

    Founder Geek

  • Administrator
  • 24,504 posts
There's really only one way to do this right, but it sounds like you'll likely need some outside assistance to complete it.

1. Backup your site
2. Backup your database.
3. Delete everything in public_html, or public folder of your website... except config.php. Review config.php for any unknown lines.
4. Upload the OSCommerce source files from the same version you're currently running.
5. Install any skin modifications, and custom scripts.
6. Update OSCommerce.

OSCommerce is great, but it's open source and you have to be vigilant with updates. Once you've been hacked a shell script can be placed anywhere. They date/time won't change, and it can be very difficult to identify. That's why it's best to remove all public files and upload new source files. The important information for your site is contained in the database, and it will be unaffected.
  • 1

#9
Jimbobwoo

Jimbobwoo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Many thanks for your response Founder Geek...

You are right....most, if not all that you describe should be done to check the site is way over my head....which....to be honest, it does make me wonder why on earth I thought I could do a website, when I am actually a businessman....I thought when I intially bought the site that I know enough to run a website....it turns out that I actually know Jack...

The guy that made up the script for importing the stock/updates/new products actually updated all of the OSCommerce side...I remember him telling me now....but even more worrying now you mention it again....this was done over 18 months ago.

I'm sure it must be a script issue rather than an actual virus since when I first wrote on here I have done some further checks with some other products...and it seems that quite a few are just not updating or they updating incorrectly...for example...the products are still actually sitting on the admin side of the site stating out of stock...but when checking the supplier, they are actually in stock....

Going back to what you say about me needing outside assistance to help me....that is also quite a big issue....I have found previous help (the guy that wrote the script) from Free Lancers dot com (sorry written like this because I don't want to promote them) but recently I have found it really difficult finding anyone that is actually any good....they now all seem to be very foreign with not much grasp of the english language and give promises that things will get done and nothing does......

Hence why I thought of trying forums.....but now it seems I am back to square one in trying to find someone that can help.

Do you have any suggestions?? Or maybe point me in the right direction??

Once again, many thanks for your help and responding to my query.
James
  • 0

#10
admin

admin

    Founder Geek

  • Administrator
  • 24,504 posts
Have you checked the OSCommerce forums? I don't frequent them, but most support forums have an area for paid services, or free customer to customer support.

If you're pretty confident that you're not hacked (and re-reading your description I don't think you are), probably your best course of action is to update OSCommerce, or apply any security patches you've missed, and then focus on getting someone to update your custom script.

I've been down the custom script (skin) road myself. They are great for getting a website to look and function the way you want, but seriously complicate updates. You can usually skip updates for a while and just apply security patches, but eventually the software will reach end-of-life, or you'll find yourself wanting features offered by a new version and be forced to update. After 18 months you really ought to update.

OSCommerce is great, but it's also big and complex. I'm afraid my only experience with it was years ago. I can only offer general advice to your specific update situation. Generally, updates are not pushed by suppliers, but your server has to ping their server for updates. Just guessing since it's a custom script that your server uses a scheduled CRON job to check for updates. Your web-host support may be able to help troubleshoot that, or search "cron job". OSCommerce might also have a scheduled task that's not working. That should be visible in your admin control panel.
  • 1

#11
Jimbobwoo

Jimbobwoo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Once again, many many thanks for your response...

But it does make me laugh.....laugh to the extent of leaning back on my chair and running my hands through my hair and wondering what the [bleep] I was thinking when I brought this site because I clearly know absolutely nothing about them and reading your above message has me scratching my head even more.

I will do some more searching around to try and find some "outside help" as I feel the issue will just drag on and I will end up giving up on it myself....and just class this as a lesson learnt...and never believe a web developer when he says its easy to run a site...could well be £15k down here...but thats business as they say.

Many thanks to you once again and thanks to Sari for the initial help

:thumbsup:
  • 0

#12
admin

admin

    Founder Geek

  • Administrator
  • 24,504 posts
Your problems really aren't that great, they are just outside the scope of this forum.

If I were you, I'd invest some time browsing the OSCommerce forums. Get to know the members who are active and helpful there. If they can't help, they'll know someone who will.

Finally, don't underestimate the power of Google. I knew absolutely nothing about forums when I decided to try Invision Forum Software on a whim almost 10 years ago. I now know more about their software and server management than I care to admit. I've also met many fantastic people who are willing to help for free, or a very small charge. I even know someone in her 70s who picked this stuff up!

Finally, get yourself an FTP manager like Filezilla (it's free). FTP is simply a way to get files from your computer to the server, and visa-versa. There's absolutely no reason you can't do things like updates yourself. It's not that steep of a learning curve. Fixing your custom add-on will likely require some outside help, but it should be small fraction of what you've already invested (if not free).
  • 1

#13
Jimbobwoo

Jimbobwoo

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
You are very nice people here and I can not thank you enough for your words of support

I will check out the forum that you mention and go from there.

Kind regards
James
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP