When I’m dealing with infected Magento shops, my approach is radical. Most times I will apply a major update which should cover the cleanup as well.
Need help? Let us clean your site.
2. Disable SQL remote access, especially if you’re using Plesk.
3. Change SQL user password.
2. Create a new database “_reference”. Check if the original database has a database prefix enabled. If so, add the same prefix with the new installation.
3. Extract magento-mirror-188.8.131.52.zip and run the installation.
4. Duplicate the original database, name it “_duplicate”.
5. Upload this tool inside the root folder – Magento Database Repair Tool.
a) Enter “_duplicate” credentials in the right side and “_reference” credentials in the right side.
b) Run the tool and save the list with the modules having the wrong version.
Module "admin_setup" has wrong version 184.108.40.206 in corrupted DB (reference DB contains "admin_setup" ver. 220.127.116.11) Module "api_setup" has wrong version 18.104.22.168 in corrupted DB (reference DB contains "api_setup" ver. 22.214.171.124) Module "catalog_setup" has wrong version 126.96.36.199.19.1.2 in corrupted DB (reference DB contains "catalog_setup" ver. 188.8.131.52.19.1.6) Module "core_setup" has wrong version 184.108.40.206 in corrupted DB (reference DB contains "core_setup" ver. 220.127.116.11) Module "customer_setup" has wrong version 18.104.22.168.4 in corrupted DB (reference DB contains "customer_setup" ver. 22.214.171.124.7) Module "downloadable_setup" has wrong version 126.96.36.199.2 in corrupted DB (reference DB contains "downloadable_setup" ver. 188.8.131.52.3) Module "payment_setup" has wrong version 184.108.40.206 in corrupted DB (reference DB contains "payment_setup" ver. 220.127.116.11) Module "rss_setup" is not installed in corrupted DB Module "sales_setup" has wrong version 18.104.22.168 in corrupted DB (reference DB contains "sales_setup" ver. 22.214.171.124)
c) Edit “core_resource” table after you get a successful confirmation & make sure modules from the previous list have the right version assigned.
If you’re getting this error:
Error #1067: Invalid default value for 'updated_at' on SQL: ALTER TABLE `core_config_data` ADD COLUMN `updated_at` timestamp NOT NULL DEFAULT 'CURRENT_TIMESTAMP' on update CURRENT_TIMESTAMP AFTER `value`
Add 1 collumn(s) after “value” > Hit Go button. Name it “updated_at” and add make sure the right Type, Attributes, Default and Extra are set.
2. Make sure to set a custom admin URL.
3. Restore app/design/frontend/template & skin/frontend/template, where “template” should be replaced with your own theme folder.
4. Restore media/ app/ and lib/ only after performing a malware check on these files & folders. Right after re-upload app and lib folders from magento-mirror-126.96.36.199.zip, to make sure all core files are updated.
5. Review the following sections:
Configuration->General->Design->HTML Head->Miscellaneous Scripts
- Minimum SQL, PHP and Magento knowledge is required to complete these steps.
- Magento 188.8.131.52 runs under PHP ver. 7.2, so it’s safe to update PHP.
- Magento db repair tool requires a fresh installation ( check Step 1 ).