GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Business Recommended Malware Removal Service? (https://gfy.com/showthread.php?t=1282879)

G-Unit01 10-27-2017 11:09 AM
Recommended Malware Removal Service?
 
Hi everyone,

Unfortunately my cPanel has been infected with malware and websites suspended by the current host, I have access via cPanel and have been told to clean the sites up.

I have already gone through the files once, and I was able to clean the obvious files that shouldn't be there, but seems there are more that I have missed.

There are 9 Wordpress sites, the rest of the add on domains are redirects.

Has anyone ever used a professional malware cleaning service?

Hopefully reasonably priced?

if you have any recommendations please share, thank you in advance

Barry-xlovecam 10-27-2017 11:18 AM
Recover any files you need then move the server.
It's probably faster. A lot of times it has to do with -- who the fuck knows.
You will need to scan all of the files (somewhere) in a VM sandbox to insure the files' integrity first.

Do you have ssh access?

G-Unit01 10-27-2017 11:52 AM
Thank you for the reply Barry, yeah I'm looking at a few service providers now, but they have some serious prices, and most want to lock in their services for a year.

This is a share cPanel hosting account, I'm not sure if it has SSH access - but I do have access to the cPanel, file manager etc.

tokmansta 10-27-2017 12:42 PM
Before you clean files, make sure all plugins and base wordpress are updated. Do not run ancient wordpress plugins.

When you remove the files you must make sure you remove all the backdoors. Otherwise the malware is just going to get auto-installed again.

I believe succuri offers this service, but you probably already look at that one. I don't think you will find someone that's going to do it for $20 or something.

pornguy 10-27-2017 12:49 PM
Check out TrendMicro for servers. They have a free trial.

We are chasing down an issue that came through WP as well

Sly 10-27-2017 01:07 PM
Your WordPress, themes, and plug-ins are all exploited. Best course of action is to do a migration to a completely clean and new account. It can be with the same web host or another if you prefer. Set up your WordPress sites on the new account. Dump the data from your originating WordPress sites, import into your sites on the new account. Eliminate any theme and plug-in you are not using.

Then you need to be relentless about keeping WordPress, themes, and plug-ins updated or this will just happen again. WordPress is not a "set and forget" platform but is used for that purpose far too often. Check into auto updaters as well, they are not 100% but they can help out a lot.

Good luck, you have some work ahead of you.

TheDynasty 10-27-2017 01:28 PM
good info for anyone out there who has been hacked with malware

Sarn 10-27-2017 01:42 PM
https://revisium.com/aibo/

Barry-xlovecam 10-27-2017 01:48 PM
in the web root

just run the command in ssh
Code:
$grep -rni 'javascr\|script' | less
or $grep -rni 'javascr\|script' > FILE SAVED. TXT
Then you can read through the scripts for any unexpected code -- you may find a corrupt file. that should grep the script tags

Wordpress on shared servers is always precarious.

save the images and delete the wordpress saving the database used. reinstall a clean wordpress maybe the database is still good.

without shell access ... You can try some online scans but I would not waste a lot of time on a trashed wordpress.

HomerSimpson 10-28-2017 07:31 AM
Contact me (icq/email in sig) and I can take a look :)

kuprum 10-28-2017 09:58 AM
Try Adwcleaner


All times are GMT -7. The time now is 01:26 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123