How to scan/clean my ftp for malware?

Just received this email from my hosting:

Your web hosting account for your domain xxxx has been deactivated, as of 06/06/2012. (reason: terms of service violation – malware/virus)

This deactivation was due to a Terms of Service violation associated with your account.

Any ideas how to fix this? I have a couple of WordPress sites and the hosting company is Bluehost.

privacy – Preserving anonymity with ring 0 malware infected PC

I am attempting to determine whether it would be possible to maintain your anonymity while using an internet-connected PC infected with ring 0 malware. The threat model assumes the adversary is willing to purchase zero-day exploits and craft malware specifically targeting the victim in question.

Furthermore, I am assuming my adversary is capable of performing a virtual machine escape, which has previously been done on Qubes OS. My threat model assumes ring 0 access to my physical hardware.

Here are the current threats I have considered along with potential solutions:

Threat #1

The malware simply pings a server controlled by the adversary to leak the victim’s real IP address.

Potential solution:
The device will exclusively be connected via Ethernet to a router which routes all traffic through Tor. This router will be configured to disable all remote access (i.e. SSH).

Threat #2

The malware reads the hardware’s MAC address, serial number, or other unique identifiers that tie it to a specific purchase, which could then lead to the victim’s identity.

Potential solution: Anonymously purchase the hardware (i.e. use cash to buy a laptop found on Craigslist) and never connect to any WiFi network (to ensure the MAC address is not associated with your identity).

Threat #3

The malware scans for nearby WiFi networks to attempt to estimate the victim’s location by using a combination of the global maps of wireless access points and the WiFi signal’s strength.

Potential solution: Physically remove any WiFi adapters from the device and exclusively use an Ethernet connection.

Threat #4

The malware uses the victim’s camera or microphone to record them, potentially allowing the adversary to uncover the victim’s identity.

Potential solution: Physically remove any cameras or microphones from the device.


The victim will operate under the assumption that their device has been infected with malware. Naturally, if the victim uses the device to log in to their personal Facebook account, their identity will be compromised.


Are the solutions I presented adequate, and are there other de-anonymization tactics I have not considered? In short, is it possible to maintain your anonymity while using a ring 0 malware infected PC?

What to do when malware starts pretending to be a system app?

As far as I know, resetting the phone isn’t going to help.

But reflashing the ROM might.
What do you think?

TrickBot Malware Botnet Taken Down by Coalition of Tech Companies

A coalition of tech companies, including Microsoft, took down the TrickBot malware botnet.

Review for Imunify360 malware scanner.

We installed Imunify360 malware scanner on a very active shared hosting web server. Over 750 accounts with about 1.3 TB of files. (Don’t …

malware – How to delete vid001.exe and img001.exe completely

When I enable admin shares on any machine in my network, there are some folders being created on that machine.

And in every startup folder of every user inside c:\users, the VID001.exe/img001.exe is being copied.

If I delete them, after some time, they are getting copied again.
I assumed there is some other machine being affected and it is copying the files.
So, I enabled the audit options in the event logs and was able to find the machine where it is being copied.
And I deleted these files from that machine also.

But, after some time, the same set of files are created on the machine again but audit logs show some other IP address.

In this way, there are many machines affected in the network.
Any antivirus just deletes the files on the machine where it is installed and after some time they are copied again.

Tell me how to fix this in the complete infrastructure.

Why don’t antivirus definition files get detected as malware

I was wondering… if antiviruses store virus definition files that contain virus signatures then why wouldn’t they get detected as malware by themselves or Windows Defender or any other AV out there?

I will scan and clean your server from malware for $80

Servers infected with malware can distribute spam, participate in DDoS attacks, and steal data from your customers – it’s bad for business.

I’ll assist you to discover and remove all the malware, rootkits, viruses, spyware, and adware from your servers. You will receive a detailed summary report with all of my findings, actions, and recommendations.

An annual on-going monitoring plan on a monthly basis is available as well.

Focus on your business and allow me, a Cybersecurity expert with +12 years of experience, to protect your servers from cybercriminals!


windows – Is factory reset enough to remove malware from laptop?

I have an ASUS laptop with Windows 10 that I want to factory reset. I used it for many years and did some torrenting with it in the past, so I wouldn’t be surprised if something went wrong when it comes to security. The steps I would follow are these:

I would rather factory reset than format cause it would be harder to find the right drivers again if I formatted, and it’s a big deal with laptops.

However, I wonder, is factory reset from a recovery partition safe enough to clean up the laptop if it got infected? Or could malware have overwritten the recovery partition and/or the UEFI (or other firmware)? I have secure boot disabled cause I needed to start Linux from Live USB many times and it interfered.

How to prevent Windows programs like MS Office, calc etc. from launching other process (protection against malware)

Is there a way in Windows to block/prevent certain programs like MS Office, Calc etc. from launching another process? I’m trying to find a way to secure my Windows from malware that may do this.