Account Suspended due to Malware - Need Clean up.

Posted: Tue Sep 03, 2019 6:44 pm
by sanzy
My hosting has taken down my OpenCart site due to malware. They have provided the following information below. I would like my site cleaned of any viruses and updated to the latest OpenCart. (I will require a backup after all malware is removed to make sure my theme and add-ons work with the latest one.) I would then like any known security fixes to be installed so this does not happen again. Thank you.

THE FOLLOWING FILES MATCHES ONE OR MORE KNOWN MALWARE SIGNATURES.

Critical File Access Disabled - Aug 29 10:08:06 monte ['/home/keratinpro/public_html/config-dist.php.suspected'] - Known exploit = [Fingerprint Match] [PHP Exploit [P0911]]
Critical Directory Access Disabled - Aug 29 10:08:06 monte ['/home/keratinpro/public_html/gtqew8xh.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:09 monte ['/home/keratinpro/public_html/n6nedm9t.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:09 monte ['/home/keratinpro/public_html/v2r8prok.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:09 monte ['/home/keratinpro/public_html/zs0h401m.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:09 monte ['/home/keratinpro/public_html/3.0/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical File Access Disabled - Aug 29 10:08:10 monte ['/home/keratinpro/public_html/admin/3.02_conf'] - ClamAV detected virus = [Unix.Malware.Agent-6961125-0]
Critical File Access Disabled - Aug 29 10:08:11 monte ['/home/keratinpro/public_html/admin/3.03_conf'] - ClamAV detected virus = [Unix.Malware.Agent-6983917-0]
Critical File Access Disabled - Aug 29 10:08:12 monte ['/home/keratinpro/public_html/admin/config-dist.php.suspected'] - Known exploit = [Fingerprint Match] [PHP Exploit [P0911]]
Critical File Access Disabled - Aug 29 10:08:12 monte ['/home/keratinpro/public_html/admin/config_simple.php.suspected'] - Known exploit = [Fingerprint Match] [PHP Exploit [P0911]]
Critical Directory Access Disabled - Aug 29 10:08:12 monte ['/home/keratinpro/public_html/admin/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:08:13 monte ['/home/keratinpro/public_html/admin/controller/catalog/vbwjjmzv.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:30 monte ['/home/keratinpro/public_html/admin/controller/extension/total/seyjktuw.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:38 monte ['/home/keratinpro/public_html/admin/language/en-gb/error/ftpwsvyd.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:57 monte ['/home/keratinpro/public_html/admin/model/catalog/vkfmbpwb.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1532]]
Critical Directory Access Disabled - Aug 29 10:08:58 monte ['/home/keratinpro/public_html/admin/model/extension/fraud/dbrkemyh.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:09:00 monte ['/home/keratinpro/public_html/admin/model/extension/payment/globalpay.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical File Access Disabled - Aug 29 10:09:04 monte ['/home/keratinpro/public_html/admin/model/report/.495b8d0a.ico'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1496]]
Critical File Access Disabled - Aug 29 10:09:04 monte ['/home/keratinpro/public_html/admin/model/setting/.ec1b4851.ico'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1496]]
Critical File Access Disabled - Aug 29 10:10:05 monte ['/home/keratinpro/public_html/admin/model/tool/tool.php.suspected'] - Known exploit = [Fingerprint Match] [PHP Exploit [P0911]]
Critical Directory Access Disabled - Aug 29 10:10:05 monte ['/home/keratinpro/public_html/admin/view/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:10:13 monte ['/home/keratinpro/public_html/admin/view/template/localisation/bfsubafd.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1532]]
Critical Directory Access Disabled - Aug 29 10:10:13 monte ['/home/keratinpro/public_html/admin/view/template/localisation/fyxmwkyv.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:10:13 monte ['/home/keratinpro/public_html/catalog/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:10:15 monte ['/home/keratinpro/public_html/catalog/controller/api/shipping.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical File Access Disabled - Aug 29 10:10:28 monte ['/home/keratinpro/public_html/catalog/controller/tool/seo.php.suspected'] - Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1517]]
Critical Directory Access Disabled - Aug 29 10:10:30 monte ['/home/keratinpro/public_html/catalog/language/en-gb/common/search.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical Directory Access Disabled - Aug 29 10:10:32 monte ['/home/keratinpro/public_html/catalog/language/en-gb/extension/payment/realex_remote.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical Directory Access Disabled - Aug 29 10:10:33 monte ['/home/keratinpro/public_html/catalog/language/en-gb/mail/affiliate.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical Directory Access Disabled - Aug 29 10:10:37 monte ['/home/keratinpro/public_html/catalog/model/design/banner.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical Directory Access Disabled - Aug 29 10:10:37 monte ['/home/keratinpro/public_html/catalog/model/extension/feed/iaredasx.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:10:37 monte ['/home/keratinpro/public_html/catalog/model/extension/openbay/amazonus_listing.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical File Access Disabled - Aug 29 10:10:46 monte ['/home/keratinpro/public_html/catalog/view/3.02_conf'] - ClamAV detected virus = [Unix.Malware.Agent-6961125-0]
Critical Directory Access Disabled - Aug 29 10:10:58 monte ['/home/keratinpro/public_html/cgi-bin/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:11:04 monte ['/home/keratinpro/public_html/data_sample/logancee/7/breadcrumb_background_image.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical Directory Access Disabled - Aug 29 10:12:06 monte ['/home/keratinpro/public_html/image/catalog/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:12:07 monte ['/home/keratinpro/public_html/keratinpro.co.uk/template/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:12:07 monte ['/home/keratinpro/public_html/keratinpro.co.uk/template/tvrbgzyq.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:12:24 monte ['/home/keratinpro/public_html/system/storage/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:12:24 monte ['/home/keratinpro/public_html/system/storage/zahyeqpk.php'] - Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P0803]]
Critical Directory Access Disabled - Aug 29 10:12:24 monte ['/home/keratinpro/public_html/system/storage/download/keotyjfc.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:12:24 monte ['/home/keratinpro/public_html/system/storage/session/dybgghui.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:12:52 monte ['/home/keratinpro/public_html/system/storage/vendor/symfony/dwpjlwzr.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1532]]

Re: Account Suspended due to Malware - Need Clean up.

Posted: Tue Sep 03, 2019 6:53 pm
by victor.cis
Hi,

I can help. Drop me an email: victor.cisin20@gmail.com

Also add me over Skype: cis.victor1

Regards,
Victor

Re: Account Suspended due to Malware - Need Clean up.

Posted: Tue Sep 03, 2019 6:56 pm
by JAY6390
PM Sent

Re: Account Suspended due to Malware - Need Clean up.

Posted: Tue Sep 03, 2019 7:16 pm
by deepvyas
Hi Sanzy,
I can help you clean the affected store code.
Please let me know if you are looking to get it fixed as early as possible.


Regards
Deep

Re: Account Suspended due to Malware - Need Clean up.

Posted: Tue Sep 03, 2019 9:33 pm
by Elevate
We can help as well. Please email us at hello@elev8your.com