Infected file not found in scan

Home Forums Support Forum Infected file not found in scan

Tagged: 

This topic contains 8 replies, has 2 voices, and was last updated by  Anti-Malware Admin 8 years, 8 months ago.

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #1474

    Rob Matthews
    Member

    Just completed a scan as the site is churning out 100′s of spam emails and the scan found lots of infected files and back doors which is great, however the emails continued to flow so by using the php mail log I tracked down the file they where using

    https://www.dropbox.com/s/djd6k40z52f32e6/start74.php?dl=0

    Thought I would send you a copy to see why the scan did not pick it up

    Reagrds

    Rob

    #1475

    Anti-Malware Admin
    Key Master

    Thanks for posting that code! I just added that new variant to my definition updates so it can now be automatically fiexd using my plugin.

    #1478

    Rob Matthews
    Member

    Very cool :)

     

    #1540

    Rob Matthews
    Member

    I have found some more

    https://www.dropbox.com/s/e2gkvggve6y9qyz/tempfs.php?dl=0

    finds file but can’t clean, I have moved the file out of the sites folder and job done but thought you might like to see it just in case

    https://www.dropbox.com/s/c5jo176rprfzepr/header.php?dl=0

    Theme breaks when cleaned

     

    Rob

    #1541

    Anti-Malware Admin
    Key Master

    Thanks for sending these to me! I have fixed the definition that found that threat in your theme header so that it no longer breaks the syntax of that file when it fixes it (it was accidentally removing too much code).

    I am working on that other threat now to see why it does not clean it…

    #1546

    Rob Matthews
    Member

    Did you manage to find the reason it would not clean the file

    Rob

    #1547

    Anti-Malware Admin
    Key Master

    No, Actually that threat is already in my definitions but I think it’s not finding it on your server because of a memory_limit setting in your php.ini file, because that file is very large.

    #1548

    Rob Matthews
    Member

    Its finding the file ok, just won’t clean it, memoery limit is set to 256m is that too low ?

    #1549

    Anti-Malware Admin
    Key Master

    256m is a lot but maybe it needs 512m for this file, it is a really large file. Also, maybe there is some other reason it’s not cleaning it, like file permissions or process timeout. Is there an error message of any kind when it fails?

Viewing 9 posts - 1 through 9 (of 9 total)

You must be logged in to reply to this topic.

Comments are closed.