Post by sanzy » Tue Sep 03, 2019 6:44 pm

My hosting has taken down my OpenCart site due to malware. They have provided the following information below. I would like my site cleaned up of any viruses and updated to the latest OpenCart. (I will require a backup after all malware is removed to make sure my theme and addons work with the latest one.) I would then like any known security fixes to be installed so this does not happen again. Thank you.

THE FOLLOWING FILES MATCHES ONE OR MORE KNOWN MALWARE SIGNATURES.

Critical File Access Disabled - Aug 29 10:08:06 monte ['/home/keratinpro/public_html/config-dist.php.suspected'] - Known exploit = [Fingerprint Match] [PHP Exploit [P0911]]
Critical Directory Access Disabled - Aug 29 10:08:06 monte ['/home/keratinpro/public_html/gtqew8xh.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:09 monte ['/home/keratinpro/public_html/n6nedm9t.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:09 monte ['/home/keratinpro/public_html/v2r8prok.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:09 monte ['/home/keratinpro/public_html/zs0h401m.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:09 monte ['/home/keratinpro/public_html/3.0/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical File Access Disabled - Aug 29 10:08:10 monte ['/home/keratinpro/public_html/admin/3.02_conf'] - ClamAV detected virus = [Unix.Malware.Agent-6961125-0]
Critical File Access Disabled - Aug 29 10:08:11 monte ['/home/keratinpro/public_html/admin/3.03_conf'] - ClamAV detected virus = [Unix.Malware.Agent-6983917-0]
Critical File Access Disabled - Aug 29 10:08:12 monte ['/home/keratinpro/public_html/admin/config-dist.php.suspected'] - Known exploit = [Fingerprint Match] [PHP Exploit [P0911]]
Critical File Access Disabled - Aug 29 10:08:12 monte ['/home/keratinpro/public_html/admin/config_simple.php.suspected'] - Known exploit = [Fingerprint Match] [PHP Exploit [P0911]]
Critical Directory Access Disabled - Aug 29 10:08:12 monte ['/home/keratinpro/public_html/admin/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:08:13 monte ['/home/keratinpro/public_html/admin/controller/catalog/vbwjjmzv.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:30 monte ['/home/keratinpro/public_html/admin/controller/extension/total/seyjktuw.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:38 monte ['/home/keratinpro/public_html/admin/language/en-gb/error/ftpwsvyd.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:08:57 monte ['/home/keratinpro/public_html/admin/model/catalog/vkfmbpwb.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1532]]
Critical Directory Access Disabled - Aug 29 10:08:58 monte ['/home/keratinpro/public_html/admin/model/extension/fraud/dbrkemyh.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:09:00 monte ['/home/keratinpro/public_html/admin/model/extension/payment/globalpay.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical File Access Disabled - Aug 29 10:09:04 monte ['/home/keratinpro/public_html/admin/model/report/.495b8d0a.ico'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1496]]
Critical File Access Disabled - Aug 29 10:09:04 monte ['/home/keratinpro/public_html/admin/model/setting/.ec1b4851.ico'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1496]]
Critical File Access Disabled - Aug 29 10:10:05 monte ['/home/keratinpro/public_html/admin/model/tool/tool.php.suspected'] - Known exploit = [Fingerprint Match] [PHP Exploit [P0911]]
Critical Directory Access Disabled - Aug 29 10:10:05 monte ['/home/keratinpro/public_html/admin/view/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:10:13 monte ['/home/keratinpro/public_html/admin/view/template/localisation/bfsubafd.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1532]]
Critical Directory Access Disabled - Aug 29 10:10:13 monte ['/home/keratinpro/public_html/admin/view/template/localisation/fyxmwkyv.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:10:13 monte ['/home/keratinpro/public_html/catalog/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:10:15 monte ['/home/keratinpro/public_html/catalog/controller/api/shipping.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical File Access Disabled - Aug 29 10:10:28 monte ['/home/keratinpro/public_html/catalog/controller/tool/seo.php.suspected'] - Known exploit = [Fingerprint Match] [PHP Shell Exploit [P1517]]
Critical Directory Access Disabled - Aug 29 10:10:30 monte ['/home/keratinpro/public_html/catalog/language/en-gb/common/search.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical Directory Access Disabled - Aug 29 10:10:32 monte ['/home/keratinpro/public_html/catalog/language/en-gb/extension/payment/realex_remote.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical Directory Access Disabled - Aug 29 10:10:33 monte ['/home/keratinpro/public_html/catalog/language/en-gb/mail/affiliate.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical Directory Access Disabled - Aug 29 10:10:37 monte ['/home/keratinpro/public_html/catalog/model/design/banner.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical Directory Access Disabled - Aug 29 10:10:37 monte ['/home/keratinpro/public_html/catalog/model/extension/feed/iaredasx.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:10:37 monte ['/home/keratinpro/public_html/catalog/model/extension/openbay/amazonus_listing.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical File Access Disabled - Aug 29 10:10:46 monte ['/home/keratinpro/public_html/catalog/view/3.02_conf'] - ClamAV detected virus = [Unix.Malware.Agent-6961125-0]
Critical Directory Access Disabled - Aug 29 10:10:58 monte ['/home/keratinpro/public_html/cgi-bin/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:11:04 monte ['/home/keratinpro/public_html/data_sample/logancee/7/breadcrumb_background_image.php'] - Known exploit = [Fingerprint Match] [PHP Injection Exploit [P0997]]
Critical Directory Access Disabled - Aug 29 10:12:06 monte ['/home/keratinpro/public_html/image/catalog/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:12:07 monte ['/home/keratinpro/public_html/keratinpro.co.uk/template/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:12:07 monte ['/home/keratinpro/public_html/keratinpro.co.uk/template/tvrbgzyq.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:12:24 monte ['/home/keratinpro/public_html/system/storage/index.php'] - Known exploit = [Fingerprint Match] [PHP Include Exploit [P1588]]
Critical Directory Access Disabled - Aug 29 10:12:24 monte ['/home/keratinpro/public_html/system/storage/zahyeqpk.php'] - Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P0803]]
Critical Directory Access Disabled - Aug 29 10:12:24 monte ['/home/keratinpro/public_html/system/storage/download/keotyjfc.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:12:24 monte ['/home/keratinpro/public_html/system/storage/session/dybgghui.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1471]]
Critical Directory Access Disabled - Aug 29 10:12:52 monte ['/home/keratinpro/public_html/system/storage/vendor/symfony/dwpjlwzr.php'] - Known exploit = [Fingerprint Match] [PHP Exploit [P1532]]


Post by victor.cis » Tue Sep 03, 2019 6:53 pm

Hi,

I can help; drop me an email: victor.cisin20@gmail.com

Also add me over Skype: cis.victor1

Regards,
Victor


Post by JAY6390 » Tue Sep 03, 2019 6:56 pm

PM Sent


Post by deepvyas » Tue Sep 03, 2019 7:16 pm

Hi Sanzy,
I can help you clean the affected store code.
Please let me know if you are looking to get it fixed as early as possible.


Regards
Deep

Expert Opencart Developer & Designer | S: deepvyas71 | E: deepvyas71@gmail.com



Post by Elevate » Tue Sep 03, 2019 9:33 pm

We can help as well. Please email us at hello@elev8your.com

ELEV8TE Website Development
Available for hire - please send email to hello@elev8your.com
https://www.elev8your.com

