-
AuthorPosts
-
mile1950 Friend
mile1950
- Join date:
- October 2015
- Posts:
- 140
- Downloads:
- 21
- Uploads:
- 11
- Thanks:
- 104
- Thanked:
- 3 times in 2 posts
December 26, 2015 at 11:23 am #831972Hi,
So my site is suspended by bluehost because it contains malwere :(.
Could you somehow help me they will generate some malware.txt file
Please I am desperate I have lost all my work till now and I was almost ready to publish my site.
Pankaj Sharma ModeratorPankaj Sharma
- Join date:
- February 2015
- Posts:
- 24589
- Downloads:
- 144
- Uploads:
- 202
- Thanks:
- 127
- Thanked:
- 4196 times in 4019 posts
December 28, 2015 at 2:47 am #832721Hi
Could u provide more details , which file is effected with it , so i can only replace that files from the fresh package it reuse the site . (please save your custom changes before replacing the file and take full backup)
I strongly recommend you to use Security extension on your site from JED Heremile1950 Friendmile1950
- Join date:
- October 2015
- Posts:
- 140
- Downloads:
- 21
- Uploads:
- 11
- Thanks:
- 104
- Thanked:
- 3 times in 2 posts
December 28, 2015 at 11:34 am #833115Hi Pankaj,
unfortunately they have suspended my site and I cannot access to backpanel anymore.
I don’t know how I would be able to check where the malware is since I am a beginner.As well I am not sure I can install anymore the back up.
Do you have any solution for me?
Thank you for your time.
Regards
Pankaj Sharma ModeratorPankaj Sharma
- Join date:
- February 2015
- Posts:
- 24589
- Downloads:
- 144
- Uploads:
- 202
- Thanks:
- 127
- Thanked:
- 4196 times in 4019 posts
December 28, 2015 at 3:22 pm #833254Hi
You need to ask your host provider to give your site backup and about infected file , without running the site you can not found anything about site issue.mile1950 Friendmile1950
- Join date:
- October 2015
- Posts:
- 140
- Downloads:
- 21
- Uploads:
- 11
- Thanks:
- 104
- Thanked:
- 3 times in 2 posts
January 10, 2016 at 12:29 am #842547Hi Pankaj,
finally I get malware.txt file with list of infected files but I don’t know about the backup. Will I lose some data and what I should do? What will change?
Here you have list of infected files:
The Content listed below may not be a complete list of malicious content on your account.
You are ultimately responsible for all of your content.
This is just what we have found that appears to be malicious.
These files appear to contain malicious code. You will want to review the files and remove the injected code from important files and/or remove unused or invalid files./home1/essencl7/public_html/error_log
/home1/essencl7/public_html/footer65.php
/home1/essencl7/public_html/libraries/fof/utils/ip/ip.php
/home1/essencl7/public_html/libraries/fof/encrypt/totp.php
/home1/essencl7/public_html/libraries/fof/encrypt/base32.php
/home1/essencl7/public_html/libraries/fof/model/dispatcher/behavior.php
/home1/essencl7/public_html/libraries/fof/autoloader/component.php
/home1/essencl7/public_html/libraries/fof/dispatcher/dispatcher.php
/home1/essencl7/public_html/libraries/vendor/phpmailer/phpmailer/PHPMailerAutoload.php
/home1/essencl7/public_html/libraries/vendor/phpmailer/phpmailer/class.phpmailer.php
/home1/essencl7/public_html/libraries/idna_convert/uctc.php
/home1/essencl7/public_html/libraries/solidres/user/user.php
/home1/essencl7/public_html/libraries/joomla/uri/uri.php
/home1/essencl7/public_html/libraries/joomla/user/user.php
/home1/essencl7/public_html/libraries/joomla/model/database.php
/home1/essencl7/public_html/libraries/joomla/document/html/html.php
/home1/essencl7/public_html/libraries/joomla/oauth1/start.php
/home1/essencl7/public_html/libraries/simplepie/idn/utf.php
/home1/essencl7/public_html/libraries/cms/html/user.php
/home1/essencl7/public_html/libraries/cms/html/access.php
/home1/essencl7/public_html/modules/mod_ja_acm/admin/assets/script.js
/home1/essencl7/public_html/modules/mod_ja_acm/admin/assets/jBox/jBox.min.js
/home1/essencl7/public_html/modules/mod_ja_acm/admin/assets/jBox/jBox.js
/home1/essencl7/public_html/modules/mod_jamasshead/asset/jquery/jquery.min.js
/home1/essencl7/public_html/media/system/js/mootools-core.js
/home1/essencl7/public_html/media/system/js/mootools-core-uncompressed.js
/home1/essencl7/public_html/administrator/templates/hathor/html/com_postinstall/messages/default.php
/home1/essencl7/public_html/administrator/templates/isis/js/jquery.js
/home1/essencl7/public_html/administrator/components/com_postinstall/views/messages/tmpl/default.php
/home1/essencl7/public_html/administrator/components/com_joomlaupdate/restore.php
/home1/essencl7/public_html/administrator/components/com_config/view/application/html.php
/home1/essencl7/public_html/administrator/components/com_config/view/application/json.php
/home1/essencl7/public_html/administrator/components/com_config/view/application/tmpl/default_navigation.php
/home1/essencl7/public_html/administrator/components/com_config/view/component/html.php
/home1/essencl7/public_html/administrator/components/com_config/view/component/tmpl/default_navigation.php
/home1/essencl7/public_html/administrator/components/com_config/model/application.php
/home1/essencl7/public_html/administrator/components/com_k2/controllers/media.php
/home1/essencl7/public_html/administrator/components/com_k2/lib/JSON.php
/home1/essencl7/public_html/administrator/components/com_k2/models/users.php
/home1/essencl7/public_html/administrator/components/com_k2/tables/k2item.php
/home1/essencl7/public_html/administrator/components/com_k2/tables/k2category.php
/home1/essencl7/public_html/administrator/components/com_jaextmanager/assets/japopup/ja.popup.js
/home1/essencl7/public_html/administrator/components/com_jaextmanager/assets/js/jquery.js
/home1/essencl7/public_html/administrator/components/com_jaextmanager/lib/jaupdater/core/php5/json.php
/home1/essencl7/public_html/administrator/components/com_jaextmanager/lib/simplexml.php
/home1/essencl7/public_html/administrator/components/com_jaextmanager/lib/xlib/pclzip/pclzip.lib.php
/home1/essencl7/public_html/administrator/components/com_solidres/tables/facility.php
/home1/essencl7/public_html/administrator/components/com_admin/script.php
/home1/essencl7/public_html/administrator/components/com_users/controllers/mail.php
/home1/essencl7/public_html/administrator/components/com_users/models/user.php
/home1/essencl7/public_html/administrator/components/com_users/models/group.php
/home1/essencl7/public_html/administrator/components/com_search/controllers/session.php
/home1/essencl7/public_html/administrator/test.php
/home1/essencl7/public_html/administrator/language/en-GB/en-GB.lib_joomla.ini
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.8.3.min.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.11.0.min.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.9.0.min.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.4.4.min.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.6.4.min.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.3.2.min.js
/home1/essencl7/public_html/media/k2/assets/js/nicEdit.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-ui-1.8.24.custom.min.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.9.1.min.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.7.2.min.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.8.2.min.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.10.2.min.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.5.2.min.js
/home1/essencl7/public_html/media/k2/assets/js/jquery-1.6.3.min.js
/home1/essencl7/public_html/media/com_joomlaupdate/json2.js
/home1/essencl7/public_html/media/com_solidres/assets/js/statistics/jqplot.json2.js
/home1/essencl7/public_html/media/com_solidres/assets/js/statistics/jqplot.json2.min.js
/home1/essencl7/public_html/media/com_solidres/assets/js/statistics/jquery.jqplot.js
/home1/essencl7/public_html/media/com_solidres/assets/js/jquery/ui/jquery-ui.js
/home1/essencl7/public_html/media/com_solidres/assets/js/jquery/ui/jquery-ui.min.js
/home1/essencl7/public_html/media/com_solidres/assets/js/jquery/external/jquery.metadata.js
/home1/essencl7/public_html/media/com_solidres/assets/js/angular/angular.js
/home1/essencl7/public_html/media/com_solidres/assets/js/angular/angular-route.min.js
/home1/essencl7/public_html/media/com_solidres/assets/js/angular/angular-route.js
/home1/essencl7/public_html/media/com_solidres/assets/js/angular/angular.min.js
/home1/essencl7/public_html/media/jui/less/type.less
/home1/essencl7/public_html/media/jui/js/jquery.min.js
/home1/essencl7/public_html/media/jui/js/jquery.ui.core.min.js
/home1/essencl7/public_html/media/jui/js/jquery.js
/home1/essencl7/public_html/media/jui/js/jquery.ui.core.js
/home1/essencl7/public_html/media/editors/tinymce/plugins/compat3x/tiny_mce_popup.js
/home1/essencl7/public_html/templates/ja_hotel/js/jquery.infinitescroll.js
/home1/essencl7/public_html/templates/ja_hotel/js/script.js
/home1/essencl7/public_html/templates/ja_hotel/js/jquery.infinitescroll.min.js
/home1/essencl7/public_html/plugins/system/solidres/solidres.php
/home1/essencl7/public_html/plugins/system/t3/base-bs3/js/less.js
/home1/essencl7/public_html/plugins/system/t3/base-bs3/js/less.unmin.js
/home1/essencl7/public_html/plugins/system/t3/base-bs3/js/jquery-1.11.2.min.js
/home1/essencl7/public_html/plugins/system/t3/base-bs3/js/jquery-1.11.2.js
/home1/essencl7/public_html/plugins/system/t3/base-bs3/bootstrap/css/bootstrap-theme.css.map
/home1/essencl7/public_html/plugins/system/t3/admin/js/json2.js
/home1/essencl7/public_html/plugins/system/t3/admin/js/jquery-1.8.3.min.js
/home1/essencl7/public_html/plugins/system/t3/admin/js/jquery-1.8.3.js
/home1/essencl7/public_html/plugins/system/t3/admin/fonts/fa4/fonts/fontawesome-webfont.woff
/home1/essencl7/public_html/plugins/system/t3/base/js/less.js
/home1/essencl7/public_html/plugins/system/t3/base/js/jquery-1.11.2.min.js
/home1/essencl7/public_html/plugins/system/t3/base/js/jquery-1.11.2.js
/home1/essencl7/public_html/plugins/system/t3/base/bootstrap/less/type.less
/home1/essencl7/public_html/plugins/system/t3/base/bootstrap/js/tests/vendor/jquery.js
/home1/essencl7/public_html/plugins/system/t3/base/bootstrap/js/tests/phantom.js
/home1/essencl7/public_html/plugins/system/t3/base/bootstrap/js/jquery.js
/home1/essencl7/public_html/modules/mod_jafacebooklikebox/asset/jquery/jquery.min.js
/home1/essencl7/public_html/plugins/system/t3/admin/fonts/fa4/utf8-d02.php
/home1/essencl7/public_html/media/editors/codemirror/theme/dirs.php
/home1/essencl7/public_html/media/cms/css/object.php
/home1/essencl7/public_html/plugins/system/t3/includes/lessphp/less/less.php
/home1/essencl7/public_html/plugins/system/debug/debug.php
/home1/essencl7/public_html/plugins/solidres/complextariff/media/com_solidres/assets/js/angular/angular.js
/home1/essencl7/public_html/plugins/solidres/complextariff/media/com_solidres/assets/js/angular/angular-route.min.js
/home1/essencl7/public_html/plugins/solidres/complextariff/media/com_solidres/assets/js/angular/angular-route.js
/home1/essencl7/public_html/plugins/solidres/complextariff/media/com_solidres/assets/js/angular/angular.min.js
/home1/essencl7/public_html/plugins/solidres/invoice/libraries/solidres/invoice/tcpdf/include/tcpdf_font_data.php
/home1/essencl7/public_html/plugins/solidres/invoice/libraries/solidres/invoice/tcpdf/CHANGELOG.TXT
/home1/essencl7/public_html/plugins/solidres/invoice/libraries/solidres/invoice/tcpdf/fonts/pdfacourierbi.z
/home1/essencl7/public_html/plugins/solidres/statistics/media/com_solidres/assets/js/statistics/jqplot.json2.js
/home1/essencl7/public_html/plugins/solidres/statistics/media/com_solidres/assets/js/statistics/jqplot.json2.min.js
/home1/essencl7/public_html/plugins/solidres/statistics/media/com_solidres/assets/js/statistics/jquery.jqplot.js
/home1/essencl7/public_html/plugins/content/jadisqus_debate_echo/asset/jquery/jquery.min.js
/home1/essencl7/public_html/components/com_jce/editor/libraries/jquery/js/jquery.min.js
/home1/essencl7/public_html/components/com_jce/editor/libraries/jquery/js/jquery-ui.min.js
/home1/essencl7/public_html/components/com_jce/editor/tiny_mce/tiny_mce.js
/home1/essencl7/public_html/components/com_config/view/templates/html.php
/home1/essencl7/public_html/components/com_config/view/config/html.php
/home1/essencl7/public_html/components/com_k2/helpers/route.php
/home1/essencl7/public_html/components/com_users/models/registration.php
/home1/essencl7/public_html/components/com_users/models/reset.php
/home1/essencl7/public_html/language/en-GB/en-GB.com_users.ini
/home1/essencl7/public_html/language/en-GB/en-GB.lib_joomla.ini
/home1/essencl7/public_html/components/com_jce/editor/tiny_mce/tiny_mce_popup.js
/home1/essencl7/public_html/plugins/content/jabookmark/assets/elements/jacolorpicker/jscolor.js
/home1/essencl7/public_html/plugins/content/jabookmark/assets/jquery/jquery.min.js
/home1/essencl7/public_html/plugins/user/profile/lib.php
/home1/essencl7/public_html/plugins/content/solidres/conf-00.phpPankaj Sharma ModeratorPankaj Sharma
- Join date:
- February 2015
- Posts:
- 24589
- Downloads:
- 144
- Uploads:
- 202
- Thanks:
- 127
- Thanked:
- 4196 times in 4019 posts
January 10, 2016 at 2:45 am #842556Hi
as u can see your files are completely effected in most of the component and in Joomla also . I suggest you to upload your previous site backup . There is only one of our extension that is effected is JA Extension manager component , You can directly remove this extension from /components folder . or replace its effected files .
Regarding other files i am not sure as its core Joomla and some other 3rd party extension , You may also replace them with fresh code files or ask it on joomla forum and the extensions support team.mile1950 Friendmile1950
- Join date:
- October 2015
- Posts:
- 140
- Downloads:
- 21
- Uploads:
- 11
- Thanks:
- 104
- Thanked:
- 3 times in 2 posts
January 11, 2016 at 11:37 pm #844800Hi Pankraj,
I don’ t have backup, how smart. This is my first site in my life and I have no experience before with joomla.
If I understand it correctly only one file from joomla is infected so would need to change it. Could you please let me know what is the best way do it?
As the other infected files are from extensions I could delete them as well and later just install them if I want. Will this affect mine site since have installed only discus comments as extension?
Please help me find a solution.
Kind regards
Pankaj Sharma ModeratorPankaj Sharma
- Join date:
- February 2015
- Posts:
- 24589
- Downloads:
- 144
- Uploads:
- 202
- Thanks:
- 127
- Thanked:
- 4196 times in 4019 posts
January 12, 2016 at 3:08 am #845025Hi
i am not able to suggest anything more on this sir , As there are alot of files are infected in from core Joomla and third party extension , you may try to replace the files on this or raise your question on Joomla forum , you will get more accurate info for this on Joomla forum . -
AuthorPosts
This topic contains 7 replies, has 2 voices, and was last updated by Pankaj Sharma 8 years, 11 months ago.
We moved to new unified forum. Please post all new support queries in our New Forum