
Can a virus alter a file without altering the timestamp?

  • Can a virus alter a file without altering the timestamp?

    I just got a virus alert on my computer, Backdoor:PHP/Webshell.A, from a file that has been sitting on my computer apparently unchanged since May 2011. I looked at the history and it also found early this morning a couple of hits for VirTools:JS/Obfuscator.Q, which it says creates viruses. These are all files from a client's website.

    I looked at the Webshell file on the live server and it's fine (the whole site wouldn't work if it wasn't!). I checked one of the Obfuscator files on the live server and it does appear to be infected (the client has a habit of installing off-the-shelf software and then abandoning it and not installing updates or removing it when he's done with it!). I'm currently checking the rest of the site; the file I checked has a modified date of 2006...

    So my questions would be:

    1. If these "viruses" have been on my system since May 2011, why are they only being picked up now?
    2. Can a virus infect* a file without changing the modified timestamp on the file (i.e., is it possible that these viruses are new and not as old as 6 years?!)
    3. Can the JavaScript "virus" or PHP trojan actually harm my PC? I'm not running a webserver on it, not even locally. I always assumed not, but now I'm not so sure.

    * In this case infecting seems to be injecting JavaScript into HTML files and, in the case of the PHP one, the entire file was replaced with malicious code.

  • Answer:

    http://en.wikipedia.org/wiki/Touch_(Unix) (or comparable utilities) is available on all modern operating systems. Adding "Bad Touch" ability to malware is trivially easy.

missmagenta at Ask.Metafilter.Com

Other answers

Most filesystems allow for setting the file modification date to any particular value. One definite way a virus would try to cover its tracks would be to try to set that time stamp value to what it was before the file was altered.

telstar
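The point made in the answers above can be checked from the defender's side. The following is an added example, not part of the original thread: it records a baseline for a constructed sample file, changes the content while putting the old modification time back, and reports which recorded attributes still reveal the change. The file name, contents and date are constructed for the demonstration.

```python
import hashlib
import os
import tempfile
import time


def snapshot(path):
    """Record what an integrity baseline would store for one file."""
    st = os.stat(path)
    with open(path, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    return {"mtime_ns": st.st_mtime_ns, "ctime_ns": st.st_ctime_ns,
            "size": st.st_size, "sha256": digest}


def compare(baseline, current):
    """Return the names of the recorded attributes that differ."""
    return sorted(k for k in baseline if baseline[k] != current[k])


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "index.php")  # constructed sample file
        with open(path, "wb") as fh:
            fh.write(b"<?php echo 'hello'; ?>\n")
        # Give the file an old modification time (constructed value).
        old = 1304208000 * 10**9  # 2011-05-01 00:00:00 UTC, in nanoseconds
        os.utime(path, ns=(old, old))
        baseline = snapshot(path)

        time.sleep(0.05)  # let the clock advance before the change
        # Same-length content change, then the old mtime is put back,
        # which is what a touch-style utility does.
        with open(path, "wb") as fh:
            fh.write(b"<?php echo 'HELLO'; ?>\n")
        os.utime(path, ns=(baseline["mtime_ns"], baseline["mtime_ns"]))

        # mtime and size match the baseline; the content hash does not.
        # On POSIX systems ctime normally differs too, because utime()
        # cannot set it. On Windows st_ctime is the creation time.
        return compare(baseline, snapshot(path))


if __name__ == "__main__":
    print("attributes that changed:", demo())
```

A modification date is therefore not evidence that a file is unchanged; comparing content hashes against a known-good copy is the check that holds up.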

Yes, it's relatively trivial to alter a file without altering the timestamp, both through the filesystem and by bypassing it entirely to write directly to the disk. Not all virus scanners pick up every threat, and some threats - especially ones that are not directly harmful to the host platform - are not going to be immediately detected by every scanner, and may well never be detected by many scanners. It becomes progressively more difficult to accurately scan and flag for N viruses for M platforms than it is for N viruses on 1 platform. The stuff that isn't expected to be found on that platform will not be a priority for virus researchers. If you do not have PHP on your computer, and it is a PHP script with a trojan, there is no practical risk to your computer, unless you later transfer that file to a system that has PHP *and* you execute the script. Your web browser almost certainly can execute JavaScript, however, so there is a significant risk there.

jgreco

Yes.

Nelson

Yeah, the higher likelihood is what jgreco said - the virus scanner you're using just got updated to detect a signature in that file as a virus. So the file hasn't changed, but the set of things that the virus scanner detects has, so suddenly it's flagging something that wasn't there before. And no, a PHP trojan is of no practical danger to your PC; having a webshell (if it's truly a web shell) available on your client's server may be of danger to their server, depending on how it's secured, but those are the contextual issues that a virus scanner can't be aware of.

jferg

If that's something I thought of doing before submitting late papers in university (not that I did it), I assume the virus makers have thought of it as well.

Chaussette and the Pussy Cats
