| Question: |
Zdravstvuyte your account has sent spam and found вирусыFILE HIT LIST:{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/certificates/view.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/SimplePie/Content/config.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/pomo/ini.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/plugins/colorpicker/login.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/plugins/wpemoji/themes.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/skins/wordpress/images/blog.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/skins/wordpress/dump.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/mediaelement/dirs.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/zenzero/single.php{HEX}php.cmdshell.unclassed.358 : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/config.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/includes/theme-comments.php{HEX}php.cmdshell.unclassed.358 : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/phpini.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/cache/file.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/files/config.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/files/2012/file.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/files/article.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/twentythirteen/images/headers/xml.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/twentythirteen/index.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/twentyfourteen/comments.php |
| Answer: |
Hello.
let your IP, you can read it on the page http://www.erahost.ru/2ip.php |
| Question: |
128.73.156.172 |
| Answer: |
Access is open to you. Prime measures. you have an infected website and many of its th files |
| Question: |
I have no idea how now to solve this problem.how and what to do.usually via FTP gets but I didn`t even work via FTP. |
| Question: |
To You with such a request addressed? What to do at all |
| Answer: |
just via ftp gets rare, usually infected subject or vulnerable modules you need to check the files of the website, to update the engine, remove the questionable modules and to change passwords |
| Answer: |
just via ftp gets rare, usually infected subject or vulnerable modules you need to check the files of the website, to update the engine, remove the questionable modules and to change passwords |
| Question: |
Website you off?as it is not loaded even.and in the admin panel does not go on the link.okay something came up and I will write You. |
| Answer: |
ok
|
| Question: |
I downloaded everything and checked for the virus deleted all the questionable plugins.restore the site I also admin the plugin will download the antivirus and check again just in case. |
| Answer: |
don`t quite understand in what sense vosstanovit? what? |
| Question: |
the website does not open and does not go to the admin panel www.mebel-baku.com |
| Answer: |
but the site is corrupted by viruses, we will restore it to You? Gave you a list of corrupted files |
| Question: |
Today`s backup do You have ? or yesterday`s ? |
| Question: |
only these corrupted files ?FILE HIT LIST:{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/certificates/view.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/SimplePie/Content/config.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/pomo/ini.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/plugins/colorpicker/login.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/plugins/wpemoji/themes.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/skins/wordpress/images/blog.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/skins/wordpress/dump.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/mediaelement/dirs.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/zenzero/single.php{HEX}php.cmdshell.unclassed.358 : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/config.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/includes/theme-comments.php{HEX}php.cmdshell.unclassed.358 : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/phpini.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/cache/file.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/files/config.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/files/2012/file.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/files/article.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/twentythirteen/images/headers/xml.php{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/twentythirteen/index.php{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/twentyfourteen/comments.php |
| Answer: |
Yes, this file contains a virus or viruses |
| Question: |
do You have a backup that I restored the website ? |
| Question: |
Deletes the entire folder and it will flood again in the catalog, all but before that again properry on the virus and if that`ll cure that will catch doctor web |
| Question: |
backup I sent to your email [email protected] but never came can`t understand why no mail backup |
| Answer: |
backup as infected. there`s no point. easier to replace the files on those. what part of the standard distribution |
| Question: |
so infected files can be treated. why is it useless ? I`m changing all the infected files and normal load in the directory and a lot of infected in the list I deleted. I can`t re-install WordPress there all information |
| Answer: |
we brought a complete list of infection files found by anti-virus. replace the original |
| Question: |
I`m doing that now change the file dropped in root replace all your files. |
| Answer: |
ok |
| Question: |
FILE HIT LIST:{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/certificates/view.php - replaced{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/SimplePie/Content/config.php - replaced{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/pomo/ini.php - replaced{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/plugins/colorpicker/login.php - replaced{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/plugins/wpemoji/themes.php - replaced{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/skins/wordpress/images/blog.php - replaced{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/tinymce/skins/wordpress/dump.php - replaced{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-includes/js/mediaelement/dirs.php - replaced{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/zenzero/single.php - Deleted {HEX}php.cmdshell.unclassed.358 : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/config.php - cured the file{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/includes/theme-comments.php - cured the file{HEX}php.cmdshell.unclassed.358 : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/phpini.php cured file{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/cache/file.php cured file{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/files/config.php cured file{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/files/2012/file.php cured file{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/oversized/files/article.php cured file{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/twentythirteen/images/headers/xml.php removed{CAV}PHP.Trojan.Uploader : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/twentythirteen/index.php removed{CAV}Php.Trojan.StopPost : /var/www/aliyev87/data/www/mebel-baku.com/wp-content/themes/twentyfourteen/comments.php removed |
| Question: |
when I can get into the admin ? |
| Answer: |
you can log into the admin panel once the site files are in place. from our side, no block, no |
| Question: |
on what date is the backup ?not opens. I can`t lose all the information. |
| Answer: |
a backup of the files is done on the weekend , hence it 1-2. but he`s infected, we can`t download infection files on the server that you were sending spam. your fault the server ip was blacklisted and people could not send mail. |
| Question: |
There are specialists who do this. but you need backup. Remove viruses. |
| Answer: |
well, we will have pumped the backup files to separate folder |
| Question: |
write where exactly |
| Answer: |
now you will have pumped, and inform |
| Question: |
OK |
| Answer: |
backups of files are made every week, on weekends, purpose; consequently neither today`s nor yesterday`s backup there, backup 1-2 number |
| Question: |
at this time, was not even infected the website of pismy not come to me.this is two or three days as it was. as a backup you can get the number 1 ? |
| Answer: |
what website nablopomo this does not mean that the site wasn`t infected. |
| Answer: |
here beep /var/www/aliyev87/data/www/backup |
| Question: |
after I do it You write to fill in and what would you check if everything is normal or not ? I be after ? |
| Answer: |
you all preverite, apcstate website and write to us |
| Question: |
OK |
| Answer: |
ok |
| Question: |
Thank You |
| Answer: |
thank you for contacting tech support |
| Question: |
Please check www.mebel-baku.com.мне sent the file back and I downloaded. if there`s anything and if they send me there. since I paid money for this service. what could I tell them that they did everything correctly |
| Answer: |
what folder should I check? |
| Question: |
the entire website if possible. I just don`t want to be a problem for You and headaches. I`ve been assured that the website is free from viruses and Trojans.How can you be certain ? |
| Answer: |
we will check all files from your account, please wait. a vulnerability found in scripts? |
| Question: |
well wait.Above the template should work.said it`s because of the plugin. I rocked the plug-ins from unknown websites.the reason for this said. |
| Answer: |
checked. antivirus found nothing |
| Question: |
OK thank you very much.I am very pleased. That and everyone has a good time thanks to you. if not your backup now everyone would have to re-do. once again convinced that I made the right choice by choosing you. once again thank you very much. |
| Answer: |
and that`s fine. only now please follow the site |
| Question: |
very I`ll try. |
| Answer: |
ok |
