Shared web hosting companies usually install a malware scanner on their servers (ClamAV virus scanner). This is very helpful to scan PHP files with malware. Also, you need SSH access to the server and use extra signatures to get a better detection ratio of PHP malware.
We generated a bash script for that, so there is no need to manually download everything.
This script works with cPanel/DirectAdmin and others where the ClamAV scanner is installed.
Download Script
# wget http://cdn.malware.expert/malware.expert.scanner.sh
Download Direct: http://cdn.malware.expert/malware.expert.scanner.sh
Usage
Execute or chmod 750 script and then execute:
# bash malware.expert.scanner.sh
Output
+-----------------------------------------------------------+ | Malware Expert - Malware Scanner | | Version: v1.0 | | https://malware.expert | | support@malware.expert | | | | USAGE: | | malware.expert.scanner.sh scan <path> | | malware.expert.scanner.sh update | | malware.expert.scanner.sh update force | | | | EXAMPLE: | | malware.expert.scanner.sh scan ./public_html | +-----------------------------------------------------------+
Scan public_html folder
DirectAdmin or cPanel Server scan public_html folder:
# bash malware.expert.scanner.sh scan ./public_html
Result Scan
Start scanning in ./public_html/
./public_html/uploads/eicar.com: {HEX}EICAR.TEST.10.UNOFFICIAL FOUND
----------- SCAN SUMMARY -----------
Known viruses: 11566
Engine version: 0.99.2
Scanned directories: 17
Scanned files: 2456
Infected files: 1
Data scanned: 28.82 MB
Data read: 22.55 MB (ratio 1.28:1)
Time: 2.414 sec (0 m 2 s)
Remove Website Malware
Then you need to manually check every file and if there is malware to remove that out of code or bad worst case delete whole file.
If you delete files, make sure it’s total malware or it can cause malfunction of the website.
You can use our tutorial Detect Malware and Remove it from source code.
Also we offer Website Malware Removal Service, if you dont know how to clean up website.