Web Server Malware

[therealcrazy8]

I have an account with Bluehost and my account was just infected with malware. I have been looking into a script, or something to put onto the server and scan, but I am only finding services that will only scan for free but ask for hundreds of dollars to remove the infection. The problem is that I have wordpress, joomla or drupal sites on the server in addition to a regular html/php site. Do any of you know of a script or something that I can upload to the server to scan and hopefully remove the infection? 3 of the sites are businesses and have been down all day because of this. Any help would be much appreciated.

 

[glennd]

I have an account with Bluehost and my account was just infected with malware. I have been looking into a script, or something to put onto the server and scan, but I am only finding services that will only scan for free but ask for hundreds of dollars to remove the infection. The problem is that I have wordpress, joomla or drupal sites on the server in addition to a regular html/php site. Do any of you know of a script or something that I can upload to the server to scan and hopefully remove the infection? 3 of the sites are businesses and have been down all day because of this. Any help would be much appreciated.

You should be talking to the host

 

[therealcrazy8]

You should be talking to the host

Thats the first thing I did. They offer a service that will cost hundreds of dollars or I can find a script or something to put onto the server and clean it myself. Now I am on the hunt.

 

[Slaters Kustum Machines]

Can you not restore from a recent backup?

 

[therealcrazy8]

That would have been the second thing I'd do, but I have one other person who's administrative but only for his site and not all sites have recent backups.

 

[jmitservices]

I just delt with one of my customers sites today that got hacked with malware (Wordpress). Sometimes you might find if you download the files to your computer your AV software can sometimes find the infected files. However I had to manually remove the malware from certain files and then restore all of the core Wordpress files.

Once finished I did a scan with the following: Wordfence

 

[fencepost]

One headache that you're going to have is that there are several places that could be problems: Extra files (easy), modifications to existing files (feasible to fix or reinstall if they weren't customized) and the real pain, malicious entries in the database(s).

My immediate thought for where to look was Sucuri.net, but that's all paid plans, etc.

 

[therealcrazy8]

Downside is that I cant even get to the login. Downloading 6 or seven sites and scanning is definitely going to talk a ton of time but that's where I'll start and see what comes of that. Thanks for the help and ideas so far.