Script URL: nsmasschoir.org/gbook/gbook.php
Version of script: 1.7
Hosting company: FastWebHost
URL of phpinfo.php:
URL of session_test.php: ?? have gd_test.php in nsmasschoir.org
What terms did you try when SEARCHING for a solution: gbook.php missing; gbook.php removed by provider
Write your message below:
Here is a transcript of the issue as reported to the HelpDesk of FastWebHost.com
--------
Are you running a script to seek out and remove any file named gbook.php?
This particular file is constantly going missing from /www/nsmasschoir.org/gbook which is a subdomain under novacomputer.net
I am constantly having to ftp it back to it's original location.
--------
Their response:
---------
Hi,
Sorry we are not running any scripts and we do not remove any thing with out user permission.
Suman,
FastWebHost
----------
Personally, I don't believe them. How else can the gbook.php consistently be removed if not by the provider?
'gbook.php' file missing in action
Re: 'gbook.php' file missing in action
Problem resolved by webhost provider:
Are you able to investigate what is happening to this file? Is there a history tracker? Once again, it has gone missing.
gbook.php was located in nsmasschoir.org/gbook/ a sub-domain of novacomputer.net
Thank you.
----------
Hi
We see that you are using base64_decode, due to this maldect software is detecting the script as suspicious script and moved to quartined.
=============
return
eval(gzinflate(base64_decode('DZdFssUIkgSv0ruuMi3EZLMSM7M2bZKemBlOP/8IGZbp4bmVx7
lN/ymvbPin/tqpGrKj/CfP9pLA/.......
obqEoF7bK6UBAErwP877///vt//w8=')));
} // END JunkMark()
================
We have changed the permissions for this file so that it cannot moved to quarantine of maldect software.
Vijay Kumar,
FastWebHost
Are you able to investigate what is happening to this file? Is there a history tracker? Once again, it has gone missing.
gbook.php was located in nsmasschoir.org/gbook/ a sub-domain of novacomputer.net
Thank you.
----------
Hi
We see that you are using base64_decode, due to this maldect software is detecting the script as suspicious script and moved to quartined.
=============
return
eval(gzinflate(base64_decode('DZdFssUIkgSv0ruuMi3EZLMSM7M2bZKemBlOP/8IGZbp4bmVx7
lN/ymvbPin/tqpGrKj/CfP9pLA/.......
obqEoF7bK6UBAErwP877///vt//w8=')));
} // END JunkMark()
================
We have changed the permissions for this file so that it cannot moved to quarantine of maldect software.
Vijay Kumar,
FastWebHost
Re: 'gbook.php' file missing in action
Here's a post explaining what this is and also provides an alternative file:
viewtopic.php?f=7&t=3781
viewtopic.php?f=7&t=3781
Klemen, creator of HESK and PHPJunkyardWas this helpful? You can buy me a drink here 
You should follow me on Twitter here
Help desk software | Cloud help desk | Guestbook | Link manager | Click counter | more PHP Scripts ...
Also browse for php hosting companies, read php books, find php resources and use webmaster tools
You should follow me on Twitter hereHelp desk software | Cloud help desk | Guestbook | Link manager | Click counter | more PHP Scripts ...
Also browse for php hosting companies, read php books, find php resources and use webmaster tools
Re: 'gbook.php' file missing in action
I was going to try the gbook17_evalfix.zip (found it also in a post re: malicious code) but my webhost provider had already changed the rights to prevent deletion of the original gbook.php. Once I pushed the issue, they were quick to provide a solution. Thank you for your response as well.