Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexander2019-10-01 23:16:56
Malware
Alexander, 2019-10-01 23:16:56

How to remove virus from Wordpress site with SCAN REPORT?

I have websites on hostiq.ua hosting.
A letter has arrived:
"Good afternoon,
The anti-virus scanning system has detected an infection of the files of your account "HQ2 -t - domoctroy.ru".
This type of activity violates the rules for using our services, which are located at the link: https://hostiq.ua/acceptable-use -policy/
Due to the activity of the detected infection, we were forced to block the operation of the sites of your account.Please
take measures to eliminate the infection and its causes and respond to this notification within 48 hours, otherwise we will be forced to suspend the service.
complaint is listed in the attached scan report. We look forward to hearing from
you."
There is nowhere to attach the report, but I will give a couple of lines:
----------- SCAN REPORT -----------
TimeStamp: Mon, 15 Apr 2019 21:37:52 +0000
(/usr /sbin/cxs --nobayes --clamdsock /var/clamd --defapache nobody --doptions Mv --exploitscan --nofallback --filemax 0 --noforce --html --ignore /etc/cxs/cxs.ignore - -options MfSGhDZvmb --qoptions Mv --report /home/domoctro/cxs-home_domoctro-2019-04-15.log --sizemax 500000 --ssl --summary --sversionscan --timemax 30 --nounofficial --virusscan . /)
Scanning /home/domoctro:
'/home/domoctro/.cagefs/opt/alt/php72/var/lib/Exception_wp.php'
# Known exploit = ​​[Fingerprint Match] [PHP Obfuscation Exploit [P1557]]
'/home /domoctro/.cl.selector/Exception_wp.php'
# Known exploit = ​​[Fingerprint Match] [PHP Obfuscation Exploit [P1557]]
'/home/domoctro/.cpanel/ea-php-cli/credit.wse-znay.ru/wp-admin/Exception_wp.php'
# Known exploit = [Fingerprint Match] [PHP Obfuscation Exploit [P1557]]
'/home/domoctro/.cphorde/meta/Exception_wp.php'
# Known exploit = ​​[Fingerprint Match] [PHP Obfuscation Exploit [P1557]]
'/home/domoctro/ .htpasswds/Exception_wp.php'
# Known exploit = ​​[Fingerprint Match] [PHP Obfuscation Exploit [P1557]]
How can I remove the virus?
SOS! SOS! HELP!
PS: sites were bought on Telderi (for a penny), I bought the domain name myself. The seller from Telderi was engaged in the installation of the main site and additional ones on the hosting. He promised to help with the problem (and dug somewhere on the hosting - he gave him access to the control panel), but then he disappeared somewhere and not a word or a spirit.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

0 answer(s)
Similar questions
V
vuqar972018-11-27 19:32:48
Why doesn't the video play until it's fully loaded? 1Reply
M
mihalich2013-04-27 11:59:27
How to find a virus on a website? 7Reply
L
louvremaster2016-02-01 17:35:54
How to find "bad" clients? 1Reply
W
WildZero2013-06-15 21:40:05
Strange tracing in vk.com 4Reply
D
DenKapulins2021-09-16 22:22:46
What is a virus on windows? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question