Wednesday, June 18, 2014

Remove Malicious Code From Webpage Fast

Remove Malicious code from your webpage


Let's see how we can remove malicious code from our webpages.

Suppose you find malicious code such as 'eval(base64_decode' in your pages. To remove this malware, log in to the server over secure shell (SSH), type the command below, and the malware is gone like magic.

find . -regex ".*php" -exec sed -i 's|<?php /\*\*/ eval(base64_decode(.*;?>||g' {} \;

If this type of malicious code attacks your webpage again later, you can also remove it manually.
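The sed command above edits files in place, and its `.*` is greedy, so it deletes everything up to the last `;?>` on a matching line. The script below is an added example, not part of the original post: it lists the matching files first and keeps a copy of each before applying the same substitution. The names SIG, list_infected and clean_infected are chosen for this example, and GNU sed and grep are assumed.

```shell
#!/bin/sh
# Added example: audit first, back up, then apply the page's sed cleanup.
# SIG, list_infected and clean_infected are names chosen for this example.

# The same pattern the page's sed command deletes (basic regular expression).
SIG='<?php /\*\*/ eval(base64_decode(.*;?>'

# list_infected DIR: print every .php file under DIR that contains the pattern.
# Returns non-zero when nothing matches.
list_infected() {
    find "$1" -type f -name '*.php' -exec grep -l -e "$SIG" {} +
}

# clean_infected DIR: keep a .bak copy of each hit, strip the pattern, then
# re-scan. Returns 0 only if the re-scan finds no remaining match.
clean_infected() {
    list_infected "$1" | while IFS= read -r f; do
        # The .bak copy still contains the injected code: use it to compare
        # and restore, and do not upload it back to the web host.
        cp -p -- "$f" "$f.bak"
        sed -i "s|$SIG||g" "$f"
        echo "cleaned: $f (original kept as $f.bak)"
    done
    [ -z "$(list_infected "$1")" ]
}

# When run as a script: ./clean.sh list DIR   or   ./clean.sh clean DIR
case "${1:-}" in
    list)  list_infected "${2:-.}" ;;
    clean) clean_infected "${2:-.}" ;;
esac
```

Compare each cleaned file with its .bak copy (for example with diff) to confirm that only the injected code was removed.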

If you find malware code that you have no idea what to do with, like this one:

<php /*versio:2.05*/if (!defined(‘determinator’)){$Q00=0;$Q00=pack(‘H*’,’62615636f6465′);eval($QQQ00(‘JELidRJy…………wPJ9IH0=’));}?><?php

Let's remove this type of malware by bringing the files to your local machine.

First, download your files from the hosting site. You can use FileZilla for this purpose.

Now download the iScanner software to your local machine.
Open (extract) the software:

tar -zxvf iscanner.tar.gz

Now copy all the files from iscanner-0.7 into "filesystem/usr/local/sbin".


Now install Ruby on your local machine:

sudo apt-get install ruby


Your iScanner is now completely ready for use. Type iscanner in the terminal to use it.

General use is shown below:


Run this command:

iscanner -f /home/user


If you want to check only a single file, run this command:

iscanner -F /home/user/file.php

If the malicious code is still not removed after trying all these methods, open the .php page, copy the malicious code and paste it into a text file using Notepad. Now run this command:

iscanner -M /home/user/malware_code.txt -f /home/user

Here, malware_code.txt is the exact name of the file into which you pasted the malware code. You can check each and every page manually with this command to confirm whether any malware is left or not.

If you catch any malware, it is time for its removal.
When you ran the scan, a log file such as "infected-10:52:24-11.Jul.log" was created automatically.


Now use this command to remove the detected malware:

iscanner -c infected.log

If you want to run the command unchanged, you have to rename the log file to infected.log.

That's all. Now upload all your clean pages to the web host again.

Thanks, all.
Enjoy your malware-free, clean website now.