Joomla Compromised Sending Spam

zsana

Registered
Aug 27, 2014
2
0
1
cPanel Access Level
Website Owner
Greetings
I got a message from my side is that your site is spam. To solve the problem I have done the following tasks
1 Disconnect all users have access
2 I deleted all my emails
A few days later I received another spam message again. This time I did the following things.
1 core changed from 1.5 to 2.5
2 Remove some Shell files
3 transfering site to a new folder and redirect it
I have been in the mainstream, the core Joomla 2.5 only template I've moved the old site to site, plus the last site that it has changed direction and contract in the new folder. But again I received a spam message .i dont know What can I do please please help. Thank you
 

server9host

Well-Known Member
Sep 18, 2013
160
0
16
India
cPanel Access Level
Root Administrator
Re: request for solve a problem

Hello,

Please scan your whole account using maldet or clamscan if you found any infected file then quarantine those files.
Change the Password for email account from you get spam on server.
Enable SpamAssassin for your account.
Update you joomla

Please use above steps
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,220
463
Re: request for solve a problem

Hello :)

To clarify, are you receiving SPAM, or do you mean your Joomla script is sending out SPAM?

Thank you.
 

zsana

Registered
Aug 27, 2014
2
0
1
cPanel Access Level
Website Owner
Re: request for solve a problem

what i've done is:
the scanning whole account whit ClamAV find viruse backdoor.php in the folowing way
www/components/com_search/functions.php
www/libraries/joomla/filesystem/archive/gallery.php
and quarantine them
What should I do to prevent the problem repeating?
how can i set the ClamAV to check outomaticly always my account?
Is there any way or website to help me understand my website still sends out spam before provider, close my website?
thanks a lot