SMW-INJ-18831-js.spam.remote-1

jlucho

Well-Known Member
Aug 5, 2006
85
1
158
hi

I have a hosting account with this infection alert (imunyAV detects it) but Clamav, Maldet, CXS do not detect it

SMW-INJ-18831-js.spam.remote-1
view image here ( https://i.imgur.com/jTW2KT8.png )

How can I clean only the malicious code from these files?
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,519
1,028
313
cPanel Access Level
Root Administrator
Hey there! It would be better to work with an admin familiar with server security to see how these files were modified before you make any additional changes, as that will alter the timestamps. If the source isn't found, the problem could just happen again.

After that, it might be best to restore the site from a backup that doesn't have the alterations.
 

ankeshanand

Well-Known Member
Mar 29, 2021
203
61
103
India
cPanel Access Level
Root Administrator
Only The root Administrator can fix these Files if he Makes Backups Daily/Weekly/Monthly.

From the WHM, Go to Imunify360 and Go to Settings>Backups. Enable Backups. If Imunify360 Finds any Old version of those infected files, It will give you an option to Clean the Files from the Backup but all those options are only available to the Server root user and not to a cPanel Account User.