Site hacked, Google says malware, ver. 2.5.7 - Joomla! Forum - community, help and support


Problem description :: Forum Post Assistant (v1.2.3) : 4th November 2012 wrote: Site deemed to have malware by Google
Log/error message :: Forum Post Assistant (v1.2.3) : 4th November 2012 wrote: polarizebit .org malware
Actions taken to resolve :: Forum Post Assistant (v1.2.3) : 4th November 2012 wrote: Updated to the latest version of Joomla (2.5.7)
Searched for malware
forum post assistant (v1.2.3) : 4th november 2012 wrote:
basic environment :: wrote:joomla! instance :: joomla! 1.5.25-stable (senu takaa ama mamni) 14-november-2011
joomla! configured :: yes | read-only (444) | owner: realisticoptimist (uid: 1/gid: 1) | group: pg1102880 (gid: 1) | valid for: 1.5
configuration options :: offline: 1 | sef: 0 | sef suffix: 0 | sef rewrite: 0 | .htaccess/web.config: yes | gzip: 0 | cache: 0 | ftp layer: 0 | ssl: 0 | error reporting: -1 | site debug: 0 | language debug: 0 | database credentials present: yes

host configuration :: os: linux | os version: 2.6.32.8-grsec-2.1.14-modsign-xeon-64 | technology: x86_64 | web server: apache | encoding: gzip,deflate,sdch | doc root: /home/realisticoptimist/eco-munity.com | system tmp writable: yes

php configuration :: version: 5.2.17 | php api: cgi-fcgi | session path writable: unknown | display errors: 1 | error reporting: 6135 | log errors to: | last known error: | register globals: | magic quotes: | safe mode: | open base: | uploads: 1 | max. upload size: 7m | max. post size: 8m | max. input time: 60 | max. execution time: 30 | memory limit: 90m

mysql configuration :: version: 5.1.53-log (client:5.0.51a) | host: --protected-- (--protected--) | collation: utf8_general_ci (character set: utf8) | database size: 19.58 mib | #of tables:  251
detailed environment :: wrote:php extensions :: date (5.2.17) | libxml () | openssl () | pcre () | zlib (1.1) | bcmath () | calendar () | ctype () | curl () | dom (20031129) | hash (1.0) | filter (0.11.0) | ftp () | gd () | gettext () | session () | iconv () | standard (5.2.17) | json (1.2.1) | mbstring () | mcrypt () | mhash () | mysql (1.0) | simplexml (0.1) | pcntl () | spl (0.2) | pdo (1.0.4dev) | pdo_mysql (1.0.2) | pdo_sqlite (1.0.1) | posix () | pspell () | reflection (0.1) | imap () | mysqli (0.1) | sockets () | sqlite (2.0-dev) | exif (1.4 $id: exif.c 293036 2010-01-03 09:23:27z sebastian $) | tokenizer (0.1) | xml () | xmlreader (0.1) | xmlwriter (0.1) | xsl (0.1) | cgi-fcgi () | zend optimizer () | zend engine (2.2.0) |
potential missing extensions :: zip | suhosin |

switch user environment (experimental) :: php cgi: yes | server su: yes | php su: yes | custom su (litespeed/cloud/grid): yes
potential ownership issues: no
folder permissions :: wrote:core folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

elevated permissions (first 10) ::
extensions discovered :: wrote:components :: site :: mailto (1.5.0) | jupgrade (2.5.0beta2) | jupgrade (2.5.2) | unknown (-) | allevents (-) | plg_system_kunena (-) | mod_cblogin (-) | mod_sobipro_entries (-) | wrapper (1.5.0) | cb mambo author tab (1.2) | cb mamblog tab (1.2) | yanc integration (1.2) | comprofiler (1.2.2) | user (1.5.0) | aicontactsafe - form (1.0.8.stable) | aicontactsafe module (1.0.7.stable) | aicontactsafe - link (1.0.4.stable) | aicontactsafe (1.0.0) |
components :: admin :: agora (3.0.11 olympu) | language manager (1.5.0) | jpfchat (2.1.1) | trash (1.0.0) | content page (1.5.0) | menus manager (1.5.0) | unknown (-) | kunena (1.5.0a) | template manager (1.5.0) | banners (1.5.0) | jupgrade (2.5.2) | unknown (-) | allevents (-) | plg_system_kunena (-) | mod_cblogin (-) | mod_sobipro_entries (-) | configuration manager (1.5.0) | search (1.5.0) | media manager (1.5.0) | polls (1.5.0) | adsmanager (2.5.0) | mass mail (1.5.0) | plugin manager (1.5.0) | akeeba (3.2.7) | weblinks (1.5.0) | control panel (1.5.0) | comprofiler (1.2.2) | frontpage (1.5.0) | contact items (1.0.0) | newsfeeds (1.5.0) | avatar (2.1) | comments (2.1) | demo (2.1) | comments (2.1) | projects_mailer (2.1) | tasks_mailer (2.1) | projectfork (2.1.6 stable ) | english (2.1) | profile (2.1) | config (2.1) | users (2.1) | time (2.1) | groups (2.1) | controlpanel (2.1) | tasks (2.1) | filemanager (2.1) | calendar (2.1) | projects (2.1) | board (2.1) | task_details (2.1) | profile_networks (2.1) | system_messages (2.1) | profile_location (2.1) | nav_calendar (2.1) | nav_filemanager (2.1) | cp_tasks (2.1) | task_comments (2.1) | nav_profile (2.1) | profile_desc (2.1) | nav_section (2.1) | system_dyk (2.1) | cp_weblinks (2.1) | note_comments (2.1) | system_console (2.1) | project_details (2.1) | task_tracking (2.1) | project_tasks (2.1) | task_content (2.1) | nav_tasks (2.1) | cp_news (2.1) | nav_projects (2.1) | project_logo (2.1) | task_attachments (2.1) | theme_logo (2.1) | nav_config (2.1) | nav_time (2.1) | profile_contact (2.1) | cp_events (2.1) | cp_welcome (2.1) | nav_users (2.1) | cp_project (2.1) | quicklink_version (2.1) | nav_groups (2.1) | note_details (2.1) | project_join (2.1) | nav_board (2.1) | profile_user (2.1) | note_info (2.1) | system_project (2.1) | hwdvideoshare (2.1.2 build 2) | flexicontact (3.05) | user manager (1.5.0) | installation manager (1.5.0) | articlegenerator (1.0) | module manager (1.5.0) | gcalendar (2.2.7) | jce 
(1.5.7.4) | cache manager (1.5.0) | messaging (1.5.0) |

modules :: site :: google video bar (1.5.1 1.5) | adsmanager search (1.0.4) | videos ([ plimmerton ) | plan route gmaps (1.1.3) | breadcrumbs (1.5.0) | adsmanager menu (1.0.9) | poll (1.5.0) | easy joomla paypal payment / d (1.5.2) | google web elements calendar (1.0.0) | related items (1.0.0) | banner (1.5.0) | login (1.5.0) | menu (1.5.0) | hwdvideoshare template selecto ([ plimmerton ) | feed display (1.5.0) | gcalendar overview (2.2.7) | video categories ([ plimmerton ) | video tags ([ plimmerton ) | video search ([ plimmerton ) | archived content (1.5.0) | cb workflows (1.2.2) | gcalendar next event (2.2.7) | read content (1.5.0) | video charts ([ plimmerton ) | cb login (1.2.2) | random image (1.5.0) | adsmanager ads (1.0.7) | search (1.0.0) | jevents calendar (1.5.3) | latest news (1.5.0) | gtranslate (1.5.x.19) | wrapper (1.0.0) | cb online (1.2.2) | chronoforms (1.3/ v3.1 rc5) | syndicate (1.5.0) | sections (1.5.0) | custom html (1.5.0) | statistics (1.5.0) | who\'s online (1.0.0) | footer (1.5.0) | gcalendar upcoming events (2.2.7) | newsflash (1.5.0) |
modules :: admin :: quick icons (1.0.0) | user status (1.5.0) | latest news (1.0.0) | online users (1.0.0) | login form (1.0.0) | akeeba backup notification mod (3.2.7) | admin submenu (1.0.0) | popular items (1.0.0) | feed display (1.5.0) | unread items (1.0.0) | logged in users (1.0.0) | toolbar (1.0.0) | admin menu (1.0.0) | title (1.0.0) | custom html (1.5.0) | items stats (1.0.0) | footer (1.0.0) |

plugins :: site :: user - example (1.0) | user - joomla! (1.5) | button - pagebreak (1.5) | editor button - add hwdvideosh ([ plimmerton ) | button - readmore (1.5) | editor button - modules anywhe (1.1.1) | button - image (1.0.0) | authentication - openid (1.5) | authentication - gmail (1.5) | authentication - example (1.5) | authentication - ldap (1.5) | authentication - joomla (1.5) | jw flv player ([ sanson ]) | search - contacts (1.5) | search - content (1.5) | search - newsfeeds (1.5) | search - categories (1.5) | search - weblinks (1.5) | search - gcalendar (2.2.7) | search - sections (1.5) | jwallpapers search plugin (1.0) | american-english language (2.1.3 build 2) | editor - jce 1.5.7.4 (1.5.7.4) | advanced link (1.5.7.4) | zoo2 links advanced link (1.0.0) | joomla! links advanced lin (1.2.1) | jce spellchecker title (1.5.7.4) | paste (1.5.7.4) | media object support (1.5.7.4) | rj_insertcode (1.2.0) | image manager (1.5.7.4) | paste (1.5.7.4) | file browser (1.5.7.4) | advanced code editor (1.5.7.4) | editor - tinymce 3 (3.2.6) | editor - xstandard lite jo (1.0) | system - remember me (1.5) | system - jce mediabox (1.0.10) | system - ki - mootools control (0.1) | system - debug (1.5) | system - backlinks (1.5) | system - sef (1.5) | system - modalizer (1.2.3) | system - core design scriptegr (1.4.2) | system - cache (1.5) | akeeba backup lazy scheduling (3.2.7) | system - modules anywhere (1.1.1) | system - legacy (1.5) | system - log (1.5) | system - mootools upgrade (1.5) | google ([ plimmerton ) | third party support pack ([ plimmerton ) | remote video ([ plimmerton ) | xml-rpc - blogger api (1.0) | xml-rpc - joomla api (1.0) | dark template ([ plimmerton ) | content - pagebreak (1.5) | googlemaps (1.5.13) | content - iframe plugin (1.3e) | content - gcalendar next event (2.2.7) | content - example (1.0) | edocs - embed documents (1.0) | content - core design "tasty" (1.0.0 free) | content - core design ajax pag (1.0.1) | content - load modules (1.5) 
| content - page navigation (1.5) | content - email cloaking (1.5) | content - vote (1.5) | content - [youtube] video embedd (1.1) | content - code highlighter (ge (1.5) |
templates discovered :: wrote:templates :: site :: e15 (1.0) | eco16 (1.0) | e14 (1.0) | rhuk_milkyway (1.0.2) | e6 (1.0) | e3 (1.0) | e4 (1.0) | e5 (1.0) | e12 (1.0) | e2 (1.0) | eco11 (1.0) | eco19 (1.0) | beez (1.0.0) | ja_purity (1.2.0) | e13 (1.0) | ecomunitymay20 (1.0) |
templates :: admin :: khepri (1.0) |

Upgrading from 1.5 to 2.5.7 is kind of a big ordeal for me, if that gives you an idea of my aptitude, but I'm eager to rid the site of malware, and I'm ready to do whatever it takes. So far, I've taken the site offline. I have deleted thousands of disabled yet registered users that keep somehow cropping up, but I'm not sure what I should do next.




