0
Welcome Guest! Login
0 items Join Now

common malware detected

Last Post
Search Topic
    • chris's Avatar
    • chris
    • Rocketeer
    • Posts: 90
    • Thanks: 2

    common malware detected

    Posted 7 years 2 months ago
    • hello my friends.
      i installed a firewall extension in my site and one of its jobs was to scan the entire site.
      generally it went ok, except that it detected some kind of malware... calling it common malware and suggested further actions..
      i paste the segment of the report for you to see and advise me..
      i believe it is relevant to my rt site so i mention it.. can anyone suggest me what to do?(it may be a false alarm ...but better safe than sorry.!)
      thanx

      ..........

      Scanning your files for common malware We've found a total of 6 malware scripts inside your files. Please review them manually as the scan might have detected false alerts.
      Ignore these files

      Warning! Ignoring these files means that the next time the scan will be performed, these files will no longer be checked for malware. If you want to revert the process go to 'Firewall Configuration / System Check' and delete them manually from the 'Ignore files and folders' field.

      libraries/rokcommon/Doctrine/Migration/Diff.php Unsafe directory creation - 0777 permissions. mkdir($tmpPath, 0777View file contents
      libraries/rokcommon/Doctrine/Inflector.php Possible PHP injection (obfuscated code) chr(128).chr(131).chr(138).chr(142).chr(154).chr(158)View file contents
      libraries/rokcommon/RokCommon/Cache/File.php Unsafe directory creation - 0777 permissions. mkdir($dir, 0777View file contents
      libraries/rokcommon/Overrides/Doctrine/Migration/Diff.php Unsafe directory creation - 0777 permissions. mkdir($tmpPath, 0777View file contents
      libraries/gantry/core/utilities/cache/fileCacheDriver.class.php Unsafe directory creation - 0777 permissions. mkdir($dir, 0777View file contents
      install.script.php Suspicious file found in the root path of your installation. install.script.phpView file contents
    #1337746
    • Matt's Avatar
    • Matt
    • Preeminent Rocketeer
    • Posts: 21565
    • Thanks: 3091
    • messin' with stuff

    Re: common malware detected

    Posted 7 years 2 months ago
    #1337793
    • chris's Avatar
    • chris
    • Rocketeer
    • Posts: 90
    • Thanks: 2

    Re: common malware detected

    Posted 7 years 2 months ago
    • mr matt good evening

      the first link does not work, it says i cant access it

      the second link verifies my saying. that other users also experience the same issue. furthermore in this discussion mrT says that he ll report it as an bug (inhouse ticketing) but obviously it was not corrected since i use the launcher and i dont code anything.
      anyway
      what should i do with these issues.?
      do i change the permissions as writen or ignore them as safe.?

      chris
    #1337810
    • Matt's Avatar
    • Matt
    • Preeminent Rocketeer
    • Posts: 21565
    • Thanks: 3091
    • messin' with stuff

    Re: common malware detected

    Posted 7 years 2 months ago
    • Did you read the rest of the thread where Matias confirmed they were false positives? He goes into it much more detail on the first link which does require a Developer membership to see... but the result is the same, they're false positives
    • SEARCH the forum first! These boards are rich in knowledge and vast in topics. This includes searching just the 'Solved' forums, using Google, and using ChatGPT :woohoo:
    #1337835

Time to create page: 0.051 seconds