test
Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • mile1950 Friend
    #831972

    Hi,

    So my site is suspended by bluehost because it contains malwere :(.

    Could you somehow help me they will generate some malware.txt file

    Please I am desperate I have lost all my work till now and I was almost ready to publish my site.

    Pankaj Sharma Moderator
    #832721

    Hi
    Could u provide more details , which file is effected with it , so i can only replace that files from the fresh package it reuse the site . (please save your custom changes before replacing the file and take full backup)
    I strongly recommend you to use Security extension on your site from JED Here

    mile1950 Friend
    #833115

    Hi Pankaj,

    unfortunately they have suspended my site and I cannot access to backpanel anymore.
    I don’t know how I would be able to check where the malware is since I am a beginner.

    As well I am not sure I can install anymore the back up.

    Do you have any solution for me?

    Thank you for your time.

    Regards

    Pankaj Sharma Moderator
    #833254

    Hi
    You need to ask your host provider to give your site backup and about infected file , without running the site you can not found anything about site issue.

    mile1950 Friend
    #842547

    Hi Pankaj,

    finally I get malware.txt file with list of infected files but I don’t know about the backup. Will I lose some data and what I should do? What will change?

    Here you have list of infected files:

    The Content listed below may not be a complete list of malicious content on your account.
    You are ultimately responsible for all of your content.
    This is just what we have found that appears to be malicious.
    These files appear to contain malicious code. You will want to review the files and remove the injected code from important files and/or remove unused or invalid files.

    /home1/essencl7/public_html/error_log
    /home1/essencl7/public_html/footer65.php
    /home1/essencl7/public_html/libraries/fof/utils/ip/ip.php
    /home1/essencl7/public_html/libraries/fof/encrypt/totp.php
    /home1/essencl7/public_html/libraries/fof/encrypt/base32.php
    /home1/essencl7/public_html/libraries/fof/model/dispatcher/behavior.php
    /home1/essencl7/public_html/libraries/fof/autoloader/component.php
    /home1/essencl7/public_html/libraries/fof/dispatcher/dispatcher.php
    /home1/essencl7/public_html/libraries/vendor/phpmailer/phpmailer/PHPMailerAutoload.php
    /home1/essencl7/public_html/libraries/vendor/phpmailer/phpmailer/class.phpmailer.php
    /home1/essencl7/public_html/libraries/idna_convert/uctc.php
    /home1/essencl7/public_html/libraries/solidres/user/user.php
    /home1/essencl7/public_html/libraries/joomla/uri/uri.php
    /home1/essencl7/public_html/libraries/joomla/user/user.php
    /home1/essencl7/public_html/libraries/joomla/model/database.php
    /home1/essencl7/public_html/libraries/joomla/document/html/html.php
    /home1/essencl7/public_html/libraries/joomla/oauth1/start.php
    /home1/essencl7/public_html/libraries/simplepie/idn/utf.php
    /home1/essencl7/public_html/libraries/cms/html/user.php
    /home1/essencl7/public_html/libraries/cms/html/access.php
    /home1/essencl7/public_html/modules/mod_ja_acm/admin/assets/script.js
    /home1/essencl7/public_html/modules/mod_ja_acm/admin/assets/jBox/jBox.min.js
    /home1/essencl7/public_html/modules/mod_ja_acm/admin/assets/jBox/jBox.js
    /home1/essencl7/public_html/modules/mod_jamasshead/asset/jquery/jquery.min.js
    /home1/essencl7/public_html/media/system/js/mootools-core.js
    /home1/essencl7/public_html/media/system/js/mootools-core-uncompressed.js
    /home1/essencl7/public_html/administrator/templates/hathor/html/com_postinstall/messages/default.php
    /home1/essencl7/public_html/administrator/templates/isis/js/jquery.js
    /home1/essencl7/public_html/administrator/components/com_postinstall/views/messages/tmpl/default.php
    /home1/essencl7/public_html/administrator/components/com_joomlaupdate/restore.php
    /home1/essencl7/public_html/administrator/components/com_config/view/application/html.php
    /home1/essencl7/public_html/administrator/components/com_config/view/application/json.php
    /home1/essencl7/public_html/administrator/components/com_config/view/application/tmpl/default_navigation.php
    /home1/essencl7/public_html/administrator/components/com_config/view/component/html.php
    /home1/essencl7/public_html/administrator/components/com_config/view/component/tmpl/default_navigation.php
    /home1/essencl7/public_html/administrator/components/com_config/model/application.php
    /home1/essencl7/public_html/administrator/components/com_k2/controllers/media.php
    /home1/essencl7/public_html/administrator/components/com_k2/lib/JSON.php
    /home1/essencl7/public_html/administrator/components/com_k2/models/users.php
    /home1/essencl7/public_html/administrator/components/com_k2/tables/k2item.php
    /home1/essencl7/public_html/administrator/components/com_k2/tables/k2category.php
    /home1/essencl7/public_html/administrator/components/com_jaextmanager/assets/japopup/ja.popup.js
    /home1/essencl7/public_html/administrator/components/com_jaextmanager/assets/js/jquery.js
    /home1/essencl7/public_html/administrator/components/com_jaextmanager/lib/jaupdater/core/php5/json.php
    /home1/essencl7/public_html/administrator/components/com_jaextmanager/lib/simplexml.php
    /home1/essencl7/public_html/administrator/components/com_jaextmanager/lib/xlib/pclzip/pclzip.lib.php
    /home1/essencl7/public_html/administrator/components/com_solidres/tables/facility.php
    /home1/essencl7/public_html/administrator/components/com_admin/script.php
    /home1/essencl7/public_html/administrator/components/com_users/controllers/mail.php
    /home1/essencl7/public_html/administrator/components/com_users/models/user.php
    /home1/essencl7/public_html/administrator/components/com_users/models/group.php
    /home1/essencl7/public_html/administrator/components/com_search/controllers/session.php
    /home1/essencl7/public_html/administrator/test.php
    /home1/essencl7/public_html/administrator/language/en-GB/en-GB.lib_joomla.ini
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.8.3.min.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.11.0.min.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.9.0.min.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.4.4.min.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.6.4.min.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.3.2.min.js
    /home1/essencl7/public_html/media/k2/assets/js/nicEdit.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-ui-1.8.24.custom.min.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.9.1.min.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.7.2.min.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.8.2.min.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.10.2.min.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.5.2.min.js
    /home1/essencl7/public_html/media/k2/assets/js/jquery-1.6.3.min.js
    /home1/essencl7/public_html/media/com_joomlaupdate/json2.js
    /home1/essencl7/public_html/media/com_solidres/assets/js/statistics/jqplot.json2.js
    /home1/essencl7/public_html/media/com_solidres/assets/js/statistics/jqplot.json2.min.js
    /home1/essencl7/public_html/media/com_solidres/assets/js/statistics/jquery.jqplot.js
    /home1/essencl7/public_html/media/com_solidres/assets/js/jquery/ui/jquery-ui.js
    /home1/essencl7/public_html/media/com_solidres/assets/js/jquery/ui/jquery-ui.min.js
    /home1/essencl7/public_html/media/com_solidres/assets/js/jquery/external/jquery.metadata.js
    /home1/essencl7/public_html/media/com_solidres/assets/js/angular/angular.js
    /home1/essencl7/public_html/media/com_solidres/assets/js/angular/angular-route.min.js
    /home1/essencl7/public_html/media/com_solidres/assets/js/angular/angular-route.js
    /home1/essencl7/public_html/media/com_solidres/assets/js/angular/angular.min.js
    /home1/essencl7/public_html/media/jui/less/type.less
    /home1/essencl7/public_html/media/jui/js/jquery.min.js
    /home1/essencl7/public_html/media/jui/js/jquery.ui.core.min.js
    /home1/essencl7/public_html/media/jui/js/jquery.js
    /home1/essencl7/public_html/media/jui/js/jquery.ui.core.js
    /home1/essencl7/public_html/media/editors/tinymce/plugins/compat3x/tiny_mce_popup.js
    /home1/essencl7/public_html/templates/ja_hotel/js/jquery.infinitescroll.js
    /home1/essencl7/public_html/templates/ja_hotel/js/script.js
    /home1/essencl7/public_html/templates/ja_hotel/js/jquery.infinitescroll.min.js
    /home1/essencl7/public_html/plugins/system/solidres/solidres.php
    /home1/essencl7/public_html/plugins/system/t3/base-bs3/js/less.js
    /home1/essencl7/public_html/plugins/system/t3/base-bs3/js/less.unmin.js
    /home1/essencl7/public_html/plugins/system/t3/base-bs3/js/jquery-1.11.2.min.js
    /home1/essencl7/public_html/plugins/system/t3/base-bs3/js/jquery-1.11.2.js
    /home1/essencl7/public_html/plugins/system/t3/base-bs3/bootstrap/css/bootstrap-theme.css.map
    /home1/essencl7/public_html/plugins/system/t3/admin/js/json2.js
    /home1/essencl7/public_html/plugins/system/t3/admin/js/jquery-1.8.3.min.js
    /home1/essencl7/public_html/plugins/system/t3/admin/js/jquery-1.8.3.js
    /home1/essencl7/public_html/plugins/system/t3/admin/fonts/fa4/fonts/fontawesome-webfont.woff
    /home1/essencl7/public_html/plugins/system/t3/base/js/less.js
    /home1/essencl7/public_html/plugins/system/t3/base/js/jquery-1.11.2.min.js
    /home1/essencl7/public_html/plugins/system/t3/base/js/jquery-1.11.2.js
    /home1/essencl7/public_html/plugins/system/t3/base/bootstrap/less/type.less
    /home1/essencl7/public_html/plugins/system/t3/base/bootstrap/js/tests/vendor/jquery.js
    /home1/essencl7/public_html/plugins/system/t3/base/bootstrap/js/tests/phantom.js
    /home1/essencl7/public_html/plugins/system/t3/base/bootstrap/js/jquery.js
    /home1/essencl7/public_html/modules/mod_jafacebooklikebox/asset/jquery/jquery.min.js
    /home1/essencl7/public_html/plugins/system/t3/admin/fonts/fa4/utf8-d02.php
    /home1/essencl7/public_html/media/editors/codemirror/theme/dirs.php
    /home1/essencl7/public_html/media/cms/css/object.php
    /home1/essencl7/public_html/plugins/system/t3/includes/lessphp/less/less.php
    /home1/essencl7/public_html/plugins/system/debug/debug.php
    /home1/essencl7/public_html/plugins/solidres/complextariff/media/com_solidres/assets/js/angular/angular.js
    /home1/essencl7/public_html/plugins/solidres/complextariff/media/com_solidres/assets/js/angular/angular-route.min.js
    /home1/essencl7/public_html/plugins/solidres/complextariff/media/com_solidres/assets/js/angular/angular-route.js
    /home1/essencl7/public_html/plugins/solidres/complextariff/media/com_solidres/assets/js/angular/angular.min.js
    /home1/essencl7/public_html/plugins/solidres/invoice/libraries/solidres/invoice/tcpdf/include/tcpdf_font_data.php
    /home1/essencl7/public_html/plugins/solidres/invoice/libraries/solidres/invoice/tcpdf/CHANGELOG.TXT
    /home1/essencl7/public_html/plugins/solidres/invoice/libraries/solidres/invoice/tcpdf/fonts/pdfacourierbi.z
    /home1/essencl7/public_html/plugins/solidres/statistics/media/com_solidres/assets/js/statistics/jqplot.json2.js
    /home1/essencl7/public_html/plugins/solidres/statistics/media/com_solidres/assets/js/statistics/jqplot.json2.min.js
    /home1/essencl7/public_html/plugins/solidres/statistics/media/com_solidres/assets/js/statistics/jquery.jqplot.js
    /home1/essencl7/public_html/plugins/content/jadisqus_debate_echo/asset/jquery/jquery.min.js
    /home1/essencl7/public_html/components/com_jce/editor/libraries/jquery/js/jquery.min.js
    /home1/essencl7/public_html/components/com_jce/editor/libraries/jquery/js/jquery-ui.min.js
    /home1/essencl7/public_html/components/com_jce/editor/tiny_mce/tiny_mce.js
    /home1/essencl7/public_html/components/com_config/view/templates/html.php
    /home1/essencl7/public_html/components/com_config/view/config/html.php
    /home1/essencl7/public_html/components/com_k2/helpers/route.php
    /home1/essencl7/public_html/components/com_users/models/registration.php
    /home1/essencl7/public_html/components/com_users/models/reset.php
    /home1/essencl7/public_html/language/en-GB/en-GB.com_users.ini
    /home1/essencl7/public_html/language/en-GB/en-GB.lib_joomla.ini
    /home1/essencl7/public_html/components/com_jce/editor/tiny_mce/tiny_mce_popup.js
    /home1/essencl7/public_html/plugins/content/jabookmark/assets/elements/jacolorpicker/jscolor.js
    /home1/essencl7/public_html/plugins/content/jabookmark/assets/jquery/jquery.min.js
    /home1/essencl7/public_html/plugins/user/profile/lib.php
    /home1/essencl7/public_html/plugins/content/solidres/conf-00.php

    Pankaj Sharma Moderator
    #842556

    Hi
    as u can see your files are completely effected in most of the component and in Joomla also . I suggest you to upload your previous site backup . There is only one of our extension that is effected is JA Extension manager component , You can directly remove this extension from /components folder . or replace its effected files .
    Regarding other files i am not sure as its core Joomla and some other 3rd party extension , You may also replace them with fresh code files or ask it on joomla forum and the extensions support team.

    mile1950 Friend
    #844800

    Hi Pankraj,

    I don’ t have backup, how smart. This is my first site in my life and I have no experience before with joomla.

    If I understand it correctly only one file from joomla is infected so would need to change it. Could you please let me know what is the best way do it?

    As the other infected files are from extensions I could delete them as well and later just install them if I want. Will this affect mine site since have installed only discus comments as extension?

    Please help me find a solution.

    Kind regards

    Pankaj Sharma Moderator
    #845025

    Hi
    i am not able to suggest anything more on this sir , As there are alot of files are infected in from core Joomla and third party extension , you may try to replace the files on this or raise your question on Joomla forum , you will get more accurate info for this on Joomla forum .

Viewing 8 posts - 1 through 8 (of 8 total)

This topic contains 7 replies, has 2 voices, and was last updated by  Pankaj Sharma 8 years, 11 months ago.

We moved to new unified forum. Please post all new support queries in our New Forum