Support

Admin Tools

#25086 Just A Listing of Suspicious Files On My site

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Sunday, 05 June 2016 17:20 CDT

Thursday, 05 May 2016 13:22 CDT

user81101
 Hello,

First off let me say that your software is the best in the business. I was able to find a hacker file from Palenstian hackers who tried to take down by site by utilizing the PHP File Chnage Scanner.

My quick question is that I am showing files that are part of your fine extension Admin Tools. Please take a look.

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
libraries/joomla/google/embed/analytics.php Suspicious   10 Unpublished
administrator/components/com_admintools/models/adminpw.php Suspicious   10 Unpublished
libraries/fof/utils/ip/ip.php Suspicious   9 Unpublished
libraries/f0f/utils/ip/ip.php Suspicious   9 Unpublished
administrator/components/com_easydiscuss/includes/category/category.php Suspicious   9 Unpublished
administrator/components/com_easyblog/tables/category.php Suspicious   9 Unpublished
libraries/fof/dispatcher/dispatcher.php Suspicious   8 Unpublished
libraries/f0f/dispatcher/dispatcher.php Suspicious   8 Unpublished
administrator/components/com_easydiscuss/tables/role.php Suspicious   6 Unpublished
administrator/components/com_easydiscuss/tables/label.php Suspicious   6 Unpublished
components/com_uniform/libraries/3rd-party/securimage/securimage.php Suspicious   4 Unpublished
libraries/joomla/session/session.php Suspicious   4 Unpublished
plugins/user/easydiscussusers/easydiscussusers.php Suspicious   4 Unpublished
administrator/components/com_acymailing/helpers/helper.php Suspicious   4 Unpublished
libraries/simplepie/simplepie.php Suspicious   3 Unpublished
administrator/components/com_easydiscuss/includes/akismet/akismet.php Suspicious   3 Unpublished
administrator/components/com_easydiscuss/includes/post/post.php Suspicious   3 Unpublished
administrator/components/com_acymailing/helpers/acyuser.php Suspicious   3 Unpublished
administrator/components/com_acymailing/helpers/bounce.php Suspicious   3 Unpublished
administrator/components/com_easyblog/views/migrators/view.ejax.php Suspicious   3 Unpublished
administrator/components/com_easyblog/includes/akismet/library.php Suspicious   3 Unpublished
administrator/components/com_easyblog/includes/post/post.php Suspicious   3 Unpublished
components/com_uniform/models/form.php Suspicious   2 Unpublished
libraries/joomla/log/logger/formattedtext.php Suspicious   2 Unpublished
libraries/regularlabs/helpers/assignments/ips.php Suspicious   2 Unpublished
libraries/fof/controller/controller.php Suspicious   2 Unpublished
libraries/rokcommon/Doctrine/Export/Oracle.php Suspicious   2 Unpublished
libraries/f0f/controller/controller.php Suspicious   2 Unpublished
plugins/system/nnframework/helpers/assignments/ips.php Suspicious   2 Unpublished
plugins/system/admintools/util/filter.php Suspicious   2 Unpublished
… od_aridatatables/includes/kernel/DB/ADODBLite/adodbSQL_drivers/sybase_ase/sybase_ase_meta_module.inc Suspicious   2 Unpublished
administrator/components/com_templates/controllers/template.php Suspicious   2 Unpublished
administrator/components/com_templates/models/template.php Suspicious   2 Unpublished
administrator/components/com_easydiscuss/tables/post.php Suspicious   2 Unpublished
administrator/components/com_easyblog/models/comment.php Suspicious   2 Unpublished
components/com_easydiscuss/views/views.php Suspicious   1 Unpublished
components/com_easydiscuss/views/post/view.ajax.php Suspicious   1 Unpublished
components/com_acymailing/controllers/user.php Suspicious   1 Unpublished
components/com_acymailing/controllers/archive.php Suspicious   1 Unpublished
components/com_content/models/article.php Suspicious   1 Unpublished
components/com_easyblog/views/ratings/view.ajax.php Suspicious   1 Unpublished
components/com_easyblog/controllers/reports.php Suspicious   1 Unpublished
libraries/rokcommon/Doctrine/Export.php Suspicious   1 Unpublished
libraries/rokcommon/Doctrine/Connection.php Suspicious   1 Unpublished
libraries/rokcommon/Doctrine/Export/Mysql.php Suspicious   1 Unpublished
libraries/vendor/joomla/session/Joomla/Session/Session.php Suspicious   1 Unpublished
plugins/system/nnframework/helpers/functions.php Suspicious   1 Unpublished
plugins/content/easysocial/easysocial.php Suspicious   1 Unpublished
plugins/acymailing/tagmodule/tagmodule.php Suspicious   1 Unpublished
plugins/captcha/recaptcha/recaptcha.php Suspicious   1 Unpublished
plugins/adsmanagercontent/recaptcha/recaptcha.php Suspicious   1 Unpublished
… aridatatables/includes/kernel/DB/ADODBLite/adodbSQL_drivers/postgres/postgres_transaction_module.inc Suspicious   1 Unpublished
… idatatables/includes/kernel/DB/ADODBLite/adodbSQL_drivers/postgres8/postgres8_transaction_module.inc Suspicious   1 Unpublished
… idatatables/includes/kernel/DB/ADODBLite/adodbSQL_drivers/postgres7/postgres7_transaction_module.inc Suspicious   1 Unpublished
… atatables/includes/kernel/DB/ADODBLite/adodbSQL_drivers/postgres64/postgres64_transaction_module.inc Suspicious   1 Unpublished
media/com_easysocial/apps/fields/user/recaptcha/recaptcha.php Suspicious   1 Unpublished
administrator/components/com_admin/models/sysinfo.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/tables/views.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/tables/table.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/tables/votes.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/includes/ratings/ratings.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/includes/captcha/adapters/default.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/includes/captcha/adapters/recaptcha.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/includes/ranks/ranks.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/includes/honeypot/honeypot.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/includes/assets/assets.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/includes/html/html.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/models/likes.php Suspicious   1 Unpublished
administrator/components/com_easydiscuss/models/favourites.php Suspicious   1 Unpublished
administrator/components/com_adsmanager/install.adsmanager.php Suspicious   1 Unpublished
administrator/components/com_admintools/views/ipbls/tmpl/form.php Suspicious   1 Unpublished

administrator/components/com_admintools/views/ipwls/tmpl/form.php Suspicious   1 Unpublished

administrator/components/com_admintools/models/eom.php Suspicious   1 Unpublished
administrator/components/com_acymailing/install.acymailing.php Suspicious   1 Unpublished
administrator/components/com_acymailing/helpers/order.php Suspicious   1 Unpublished
administrator/components/com_acymailing/helpers/campaign.php Suspicious   1 Unpublished
administrator/components/com_acymailing/classes/acyhistory.php Suspicious   1 Unpublished
administrator/components/com_acymailing/extensions/plg_acymailing_tagmodule/tagmodule.php Suspicious   1 Unpublished
administrator/components/com_akeeba/engine/Postproc/Sugarsync.php Suspicious   1 Unpublished
administrator/components/com_akeeba/engine/Postproc/Connector/Idrivesync.php Suspicious   1 Unpublished
administrator/components/com_easyblog/includes/cache/cache.php Suspicious   1 Unpublished
administrator/components/com_easyblog/includes/captcha/captcha.php Suspicious   1 Unpublished
administrator/components/com_easyblog/includes/revisions/revisions.php Suspicious   1 Unpublished
administrator/components/com_easyblog/includes/xmlrpc/libraries/xmlrpc.php Suspicious   1 Unpublished
administrator/components/com_phocacommander/helpers/fileupload.php Suspicious   1 Unpublished
administrator/components/com_phocacommander/views/phocacommanderactiona/view.json.php Suspicious   1 Unpublished
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

I realize that I am safe because of your fine measures and your programming of this Admin Tools and other security measures I have taken on my server. But what concerns should I address to eliminate this continued results. Should I ignore them. Publish them? Your help is greatly appreciated.

Regards,
Robert
A continued and happy customer.

Friday, 06 May 2016 01:58 CDT

tampe125
Hello Robert,

we're glad to hear that you found our product useful, thank you very much!
Regarding your question, the scanner can raise some false positives. When that happens, you should review the file and then click on th e"Mark safe" button.
This means that such file (as long as its contents don't change) will be considered safe.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Sunday, 05 June 2016 17:20 CDT

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.
Edited by on 2016-06-05 17:20 CDT

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!