Dear All,
i am running wordpress (latest) on windows 2003 with MySql server as usual. lately some one is trying to drop a trojan into my server. the message below i get in the eventviewer:
Name: Backdoor:PHP/SimpleShell.A
ID: 2147684280
Severity: Severe
Category: Backdoor
Path: file:_C:\WINDOWS\Temp\phpF0.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF2.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF4.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF6.tmp->[PHP];file:_C:\WINDOWS\Temp\phpF8.tmp->[PHP];file:_C:\WINDOWS\Temp\phpFA.tmp->[PHP]
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
User: servername\IUSR_servername
Process Name: C:\Program Files\PHP\php-cgi.exe
disabling File_Upload on php.ini solves the problem but i need the upload to be enables so my students will be able to upload files to the wordpress.
am running 5.2.13
any help is appreciated