Malicious file removal?

  • Resolved piltdownman

    (@piltdownman)


    2 years, 4 months ago

    My site was recently hacked. I have rolled it back, but apparently a single malicious file is still hiding. Quttera shows me this file, but not where is actually is. Is there a way to find the file and remove it?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author quttera

    (@quttera)

    Hello,

    During the scan, the plugin creates a log file you can find it in the plugins directory.

    Please go over this log file and search for the words enMaliciousThreatType or enSuspiciousThreatType.

    This line will/should contain the full path of the detect file.

    Quttera Team

    Thread Starter piltdownman

    (@piltdownman)

    What is the log file called and what extension does it have?

    Plugin Author quttera

    (@quttera)

    The log file is called runtime.log and it could be found in the plugin’s directory.

    Thread Starter piltdownman

    (@piltdownman)

    I find no such file in the directory:

    plugins > quttera-web-malware-scanner

    Plugin Author quttera

    (@quttera)

    During execution, the plugin creates two files to keep results, a report file and log files similar to the following (until there are some permissions issues to create such files):

    -rw-r–r– 1 www-data www-data 8359 Jul 2 20:56 quttera_wp_report.txt
    -rw-r–r– 1 www-data www-data 13147595 Jul 2 20:56 runtime.log

    The detected file name also can be part of the quttera_wp_report.txt file

    Please try to rerun the scan again and verify these files had been created.

    Another way to get the full path is to download the scan report as a text file via “Download report” button

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Malicious file removal?’ is closed to new replies.