OrdaSoft forum
Welcome, Guest
Please Login or Register.    Lost Password?
malware scanner malicious scripts (0 viewing) 
OrdaSoft template Support
Go to bottom Favoured: 0
TOPIC: malware scanner malicious scripts
#17670
azulpavo (User)
Fresh Boarder
Posts: 12
graphgraph
User Offline Click here to see the profile of this user
malware scanner malicious scripts 11 Months, 1 Week ago Karma: 0  
Dear Ordasoft Team,

My hosting company has detected problems in some scripts, exact words are “routine malware scanner has reported files on your account as malicious”

They have currently suspended my site because of these files.

I need your advice as my website is already completed.

Here you may find what my hosting server found…

Beforehand I thank you for your promptly support.

Best regards, Abraham.

+++++++++++++++++++

HOST: jaga.tchmachines.com
SCAN ID: 160103-0318.310

FILE HIT LIST:
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/administrator/templates/hathor/images/code48.php => /usr/local/maldetect/quarantine/code48.php.72133233
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/administrator/components/com_config/helper/dirs34.php => /usr/local/maldetect/quarantine/dirs34.php.1690419879
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/plugins/system/sef/proxy.php => /usr/local/maldetect/quarantine/proxy.php.1803317843
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/media/cms/dirs.php => /usr/local/maldetect/quarantine/dirs.php.10200243
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/qs_classic_v1_j343/modules/mod_vehiclemanager_featured_free_j3/tmpl/ini.php => /usr/local/maldetect/quarantine/ini.php.2785028911

HOST: jaga.tchmachines.com
SCAN ID: 151230-0510.20954
STARTED: Dec 30 2015 05:10:43 -0500
COMPLETED: Dec 30 2015 05:26:48 -0500
ELAPSED: 965s [find: 0s]

PATH: /home/yljaxmoi/public_html
TOTAL FILES: 28016
TOTAL HITS: 4
TOTAL CLEANED: 0

FILE HIT LIST:
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/components/com_vehiclemanager/views/all_vehicle/help.php => /usr/local/maldetect/quarantine/help.php.86567581
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/qs_classic_v1_j343/media/editors/tinymce/search47.php => /usr/local/maldetect/quarantine/search47.php.1617112146
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/revista/plugins/content/finder/ini.php => /usr/local/maldetect/quarantine/ini.php.2125220392
{HEX}php.base64.v23au.185 : /home/yljaxmoi/public_html/revista/components/com_contact/helpers/help.php => /usr/local/maldetect/quarantine/help.php.1064617982

blog.totalchoicehosting.com/2015/12/joomla-zero-day-exploit/
 
Logged Logged  
  The administrator has disabled public write access.
#17693
Taras (Admin)
Admin
Posts: 2858
graphgraph
User Offline Click here to see the profile of this user
Re:malware scanner malicious scripts 11 Months, 1 Week ago Karma: 55  
Hello,

Problem in help.php and ini.php files, they were hacked or added, our component not include that files, so your problems connected with hosting security and Joomla.

We advice you change hosting and use latest version of Joomla for your website.

Thanks
Taras
 
Logged Logged  
  The administrator has disabled public write access.
Go to top
What are you looking for?
Anti-spam question: How many eyes has a typical person?