Jump to content

Please unblock vanisle360.com or provide more details of the trojan


Lorie

Recommended Posts

Hosting IP: 165.227.40.171 - Not found in other tickets using your search function.

Domain name: vanisle360.com

Steps taken for investigation/remediation:

  • Updated the theme and all plugins
  • Cpanel scans
    • This came back clean/no infection found.
  • Created zipped backup of CPanel and database and used Windows Defender to scan the files.
    • I am 90% confident that this reports accurate data because I had a zipped backup of my own website via the Cpanel which contained a trojan email. Windows Defender, when I ran an intentional custom scan, detected this.
    • I also ran Malware bytes scan on the zip. *Free version,
    • I unzipped the Cpanel backup and ran yet another scan on the unzipped files.
    • All of these scans came back with zero malicious results.
  • I created a duplicator backup of the website (JUST the site; not the hosting server via cpanel) and repeated this action.
    • These scans came back negative.
  • Neither Wordfence nor Ithemes detected any challenges.
  • I installed a third-party plugin called Anti-Malware from GOTMLS.NET
  • I ran the site through a fairly reliable, free scanning tool: https://sitecheck.sucuri.net/ and Free Website Scanner - Check Site Security & Malware | SiteLock

When I visit the website with the browser add-on disabled, no malware scanners trigger as unsafe. 

When I download a copy of the website, Malware bytes does not trigger with an infected file warning (at least not the free version).

I cannot supply logs as there are none enabled in my free trial version. 

The website was indeed apparently hacked at one point about two or three years ago but that was resolved, all infected files were deleted (the whole website was deleted), hosting was moved to a fresh server, and the site is in the process of being rebuilt. 

Can you please either let me know exactly what files are infected with the trojan, or update your browser guard to remove VanIsle360.com as a dangerous/infected site. 

image.thumb.png.f47a07d1b0fb281d716b22673a3daa74.png

Link to post
Share on other sites

  • Staff
2 hours ago, Lorie said:

Hosting IP: 165.227.40.171 - Not found in other tickets using your search function.

Domain name: vanisle360.com

Steps taken for investigation/remediation:

  • Updated the theme and all plugins
  • Cpanel scans
    • This came back clean/no infection found.
  • Created zipped backup of CPanel and database and used Windows Defender to scan the files.
    • I am 90% confident that this reports accurate data because I had a zipped backup of my own website via the Cpanel which contained a trojan email. Windows Defender, when I ran an intentional custom scan, detected this.
    • I also ran Malware bytes scan on the zip. *Free version,
    • I unzipped the Cpanel backup and ran yet another scan on the unzipped files.
    • All of these scans came back with zero malicious results.
  • I created a duplicator backup of the website (JUST the site; not the hosting server via cpanel) and repeated this action.
    • These scans came back negative.
  • Neither Wordfence nor Ithemes detected any challenges.
  • I installed a third-party plugin called Anti-Malware from GOTMLS.NET
  • I ran the site through a fairly reliable, free scanning tool: https://sitecheck.sucuri.net/ and Free Website Scanner - Check Site Security & Malware | SiteLock

When I visit the website with the browser add-on disabled, no malware scanners trigger as unsafe. 

When I download a copy of the website, Malware bytes does not trigger with an infected file warning (at least not the free version).

I cannot supply logs as there are none enabled in my free trial version. 

The website was indeed apparently hacked at one point about two or three years ago but that was resolved, all infected files were deleted (the whole website was deleted), hosting was moved to a fresh server, and the site is in the process of being rebuilt. 

Can you please either let me know exactly what files are infected with the trojan, or update your browser guard to remove VanIsle360.com as a dangerous/infected site. 

image.thumb.png.f47a07d1b0fb281d716b22673a3daa74.png

Hello, thanks for bringing this to our attention. We've reviewed the data from the site again and have determined it no longer warrants being blocked so we've disabled the block in our database. 

Removal should be reflected in the next database update going out in a few hours or so.

  • Like 1
Link to post
Share on other sites

  • TeMerc locked this topic
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.