Is removing a virus from a server a difficult project?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Minte
    Babemeister
    • Jun 2001
    • 7081

    #1

    Is removing a virus from a server a difficult project?

    I'm not a server guy. Just wondering how long something like that should take.
    You might not be as anonymous as you think you are.
  • antpeks
    So Fucking Banned
    • Nov 2005
    • 51

    #2
    depends on what shit you got

    Comment

    • Minte
      Babemeister
      • Jun 2001
      • 7081

      #3
      Originally posted by antpeks
      depends on what shit you got
      It's redirecting my sites and gallerys to a tube site
      You might not be as anonymous as you think you are.

      Comment

      • antpeks
        So Fucking Banned
        • Nov 2005
        • 51

        #4
        Originally posted by Minte
        It's redirecting my sites and gallerys to a tube site
        its not a virus, put the site url in google and add remove after so

        "site.com remove"

        and you are clean in few minutes. google is still friend

        Comment

        • Minte
          Babemeister
          • Jun 2001
          • 7081

          #5
          Thankyou, I will give that a go.
          You might not be as anonymous as you think you are.

          Comment

          • Minte
            Babemeister
            • Jun 2001
            • 7081

            #6
            Tried that,and when I clicked on any page from the domain this avg warning opens.

            You might not be as anonymous as you think you are.

            Comment

            • CyberHustler
              Masterbaiter
              • Feb 2006
              • 28739

              #7
              You really tried that?
              “If you can convince the lowest white man he’s better than the best colored man, he won’t notice you’re picking his pocket. Hell, give him somebody to look down on, and he’ll empty his pockets for you.”

              Comment

              • Minte
                Babemeister
                • Jun 2001
                • 7081

                #8
                Originally posted by CryBaby
                You really tried that?
                I've lost nearly a million hits since the weekend,the server tech is useless and at this point I will stand on a stool and howl at the moon if that what it takes.
                You might not be as anonymous as you think you are.

                Comment

                • xenigo
                  Confirmed User
                  • Jan 2001
                  • 8067

                  #9
                  Originally posted by Minte
                  I've lost nearly a million hits since the weekend,the server tech is useless and at this point I will stand on a stool and howl at the moon if that what it takes.
                  That's crazy. What is your site?

                  Comment

                  • Phoenix
                    BACON BACON BACON
                    • Nov 2002
                    • 35475

                    #10
                    time to change hosts man

                    you are probably a nie sized account for them...and if they can take care of business for you.....next
                    Telegram PhoenixBrad
                    https://quantads.io

                    Comment

                    • CyberHustler
                      Masterbaiter
                      • Feb 2006
                      • 28739

                      #11
                      Originally posted by Minte
                      I've lost nearly a million hits since the weekend,the server tech is useless and at this point I will stand on a stool and howl at the moon if that what it takes.
                      Nah, just upload a backup or find another host...
                      “If you can convince the lowest white man he’s better than the best colored man, he won’t notice you’re picking his pocket. Hell, give him somebody to look down on, and he’ll empty his pockets for you.”

                      Comment

                      • HandballJim
                        Confirmed User
                        • Sep 2008
                        • 4024

                        #12
                        If it cost you a million hits already I would be on the phone with a rep from symantec or mcaffee to see what solutions they have.

                        I work from a webs folder on my desktop and just publish the new files...this way if the virus gets into my web folder I just need to remove it from my webfolder then re-publish the files without the virus. I usually scan the folder once a week for viruses...Not sure if this is a full proof system though.
                        HOW I MAKE LOTS OF $$$

                        Comment

                        • unleashxxx
                          Confirmed User
                          • Mar 2006
                          • 222

                          #13
                          i can help icq me 784260

                          Comment

                          • BIGTYMER
                            Junior Achiever
                            • Nov 2004
                            • 17066

                            #14
                            Sorry to hear about this man... How has ISPrime not fixed this for you already?

                            It looks like the server or one of your scripts was compromised and they added code to every page.

                            Comment

                            • CyberHustler
                              Masterbaiter
                              • Feb 2006
                              • 28739

                              #15
                              Check any global template files...
                              “If you can convince the lowest white man he’s better than the best colored man, he won’t notice you’re picking his pocket. Hell, give him somebody to look down on, and he’ll empty his pockets for you.”

                              Comment

                              • rowan
                                Too lazy to set a custom title
                                • Mar 2002
                                • 17393

                                #16
                                Server side infection can be hard to get rid of, because you need to (a) know how they got in, and fix that hole and (b) find any altered or added files which would allow them access even once you close that hole. It's often the second part that is the most time consuming.

                                Why haven't you restored from backup?

                                Comment

                                • HandballJim
                                  Confirmed User
                                  • Sep 2008
                                  • 4024

                                  #17
                                  yahoo results for "clean virus from server"
                                  HOW I MAKE LOTS OF $$$

                                  Comment

                                  • mmcfadden
                                    So Fucking Banned
                                    • Oct 2008
                                    • 5099

                                    #18
                                    Can you look in your root directory and organize all your files by date? Find out which ones have been modified and see if you can identify the malicious code.

                                    Also, run a full scan on any computer you ftp with

                                    Comment

                                    • BIGTYMER
                                      Junior Achiever
                                      • Nov 2004
                                      • 17066

                                      #19
                                      If you don't have a backup you're up shit creek.

                                      Comment

                                      • SmellyNose
                                        Confirmed User
                                        • Aug 2009
                                        • 206

                                        #20
                                        You are going to be best asking in all of the webmaster forums you can find for somebody to SSH in and sort it.

                                        Even if it was as simple as a recursive sed on the sites files, more than likely they will be back as the hole wasn't closed. So you need to be careful.

                                        Run an anti virus on any PCs you use to connect to your server.
                                        Change the passwords to your server, from a different PC to any of the above.
                                        Get somebody to SSH in and grep for the URL your sites are being redirected to and use sed to replace them.
                                        More than likely the redirect will be in JS or at least encoded some how so you won't be able to just do a search for the URL, you'll have to do a search for encoding/decoding functions.

                                        You're best paying somebody $100 to sort it for you, if your host can't/won't do it.

                                        And stop using IE.
                                        I'm a PHP developer - 594086663 - [email protected]

                                        Comment

                                        • Tasty1
                                          Bla bla blaa
                                          • Jan 2005
                                          • 9529

                                          #21
                                          Most of the viruses leave a code in every .php file.
                                          You have to clean all the .php files or put a back up.

                                          But they where able to inject code in your pages.
                                          So there must be a leak somewhere.
                                          And that can be done in a lot of software.
                                          So you have to check als installed scripts.
                                          Maybe you can see where they got in in your log file.

                                          This can be solved in 1 hour. But it also can takes days before you find out where they get in. Look what software could be vunerable and search the forums of that software. Most of the time other people suffer the same problems and questions pop up on forums.

                                          When it is fixed you have to send your page to google again. The blacklisted your domain. I had that once and they got me of the blacklist a few hours after i send in my site to get of the blacklist.

                                          everything is fake

                                          Comment

                                          • HomerSimpson
                                            Too lazy to set a custom title
                                            • Sep 2005
                                            • 13826

                                            #22
                                            depends how virus is fucked up...
                                            if you need any help you may hit me up...
                                            Make a bank with Chaturbate - the best selling webcam program
                                            Ads that can't be block with AdBlockers !!! /// Best paying popup program (Bitcoin payouts) !!!

                                            PHP, MySql, Smarty, CodeIgniter, Laravel, WordPress, NATS... fixing stuff, server migrations & optimizations... My ICQ: 27429884 | Email:

                                            Comment

                                            Working...