OrdaSoft forum
malware scanner malicious scripts (0 viewing)
OrdaSoft template Support
Favoured: 0
|
Malware scanner malicious scripts
malware scanner malicious scripts 8 Years, 3 Months ago
Karma: 0
Dear Ordasoft Team,
My hosting company has detected problems in some scripts, exact words are “routine malware scanner has reported files on your account as malicious”
They have currently suspended my site because of these files.
I need your advice as my website is already completed.
Here you may find what my hosting server found…
Beforehand I thank you for your promptly support.
Best regards, Abraham.
+++++++++++++++++++
HOST: jaga.tchmachines.com
SCAN ID: 160103-0318.310
FILE HIT LIST:
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/administrator/templates/hathor/images/code48.php => /usr/local/maldetect/quarantine/code48.php.72133233
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/administrator/components/com_config/helper/dirs34.php => /usr/local/maldetect/quarantine/dirs34.php.1690419879
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/plugins/system/sef/proxy.php => /usr/local/maldetect/quarantine/proxy.php.1803317843
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/media/cms/dirs.php => /usr/local/maldetect/quarantine/dirs.php.10200243
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/qs_classic_v1_j343/modules/mod_vehiclemanager_featured_free_j3/tmpl/ini.php => /usr/local/maldetect/quarantine/ini.php.2785028911
HOST: jaga.tchmachines.com
SCAN ID: 151230-0510.20954
STARTED: Dec 30 2015 05:10:43 -0500
COMPLETED: Dec 30 2015 05:26:48 -0500
ELAPSED: 965s [find: 0s]
PATH: /home/yljaxmoi/public_html
TOTAL FILES: 28016
TOTAL HITS: 4
TOTAL CLEANED: 0
FILE HIT LIST:
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/components/com_vehiclemanager/views/all_vehicle/help.php => /usr/local/maldetect/quarantine/help.php.86567581
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/qs_classic_v1_j343/media/editors/tinymce/search47.php => /usr/local/maldetect/quarantine/search47.php.1617112146
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/revista/plugins/content/finder/ini.php => /usr/local/maldetect/quarantine/ini.php.2125220392
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/revista/components/com_contact/helpers/help.php => /usr/local/maldetect/quarantine/help.php.1064617982
blog.totalchoicehosting.com/2015/12/joomla-zero-day-exploit/
My hosting company has detected problems in some scripts, exact words are “routine malware scanner has reported files on your account as malicious”
They have currently suspended my site because of these files.
I need your advice as my website is already completed.
Here you may find what my hosting server found…
Beforehand I thank you for your promptly support.
Best regards, Abraham.
+++++++++++++++++++
HOST: jaga.tchmachines.com
SCAN ID: 160103-0318.310
FILE HIT LIST:
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/administrator/templates/hathor/images/code48.php => /usr/local/maldetect/quarantine/code48.php.72133233
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/administrator/components/com_config/helper/dirs34.php => /usr/local/maldetect/quarantine/dirs34.php.1690419879
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/plugins/system/sef/proxy.php => /usr/local/maldetect/quarantine/proxy.php.1803317843
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/media/cms/dirs.php => /usr/local/maldetect/quarantine/dirs.php.10200243
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/qs_classic_v1_j343/modules/mod_vehiclemanager_featured_free_j3/tmpl/ini.php => /usr/local/maldetect/quarantine/ini.php.2785028911
HOST: jaga.tchmachines.com
SCAN ID: 151230-0510.20954
STARTED: Dec 30 2015 05:10:43 -0500
COMPLETED: Dec 30 2015 05:26:48 -0500
ELAPSED: 965s [find: 0s]
PATH: /home/yljaxmoi/public_html
TOTAL FILES: 28016
TOTAL HITS: 4
TOTAL CLEANED: 0
FILE HIT LIST:
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/components/com_vehiclemanager/views/all_vehicle/help.php => /usr/local/maldetect/quarantine/help.php.86567581
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/qs_classic_v1_j343/media/editors/tinymce/search47.php => /usr/local/maldetect/quarantine/search47.php.1617112146
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/revista/plugins/content/finder/ini.php => /usr/local/maldetect/quarantine/ini.php.2125220392
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/revista/components/com_contact/helpers/help.php => /usr/local/maldetect/quarantine/help.php.1064617982
blog.totalchoicehosting.com/2015/12/joomla-zero-day-exploit/
Logged
The administrator has disabled public write access.
Re:malware scanner malicious scripts 8 Years, 3 Months ago
Karma: 58
Hello,
Problem in help.php and ini.php files, they were hacked or added, our component not include that files, so your problems connected with hosting security and Joomla.
We advice you change hosting and use latest version of Joomla for your website.
Thanks
Taras
Problem in help.php and ini.php files, they were hacked or added, our component not include that files, so your problems connected with hosting security and Joomla.
We advice you change hosting and use latest version of Joomla for your website.
Thanks
Taras
Logged
The administrator has disabled public write access.
 |
we support payment systems
