Query about date infected

  • Resolved jen000

    (@jen000)


    6 years, 7 months ago

    Hello. I’ve had a major problem with 6 of my websites (which were hosted on one account) being hacked. Firstly I want to say this plugin is brilliant as its the only one which identified and cleared the code injections. So thank you! I have donated by the way.

    I am trying to work out when the initial hack took place and I have viewed the quarantined files. For two of my sites the oldest quarantined files are showing as date infected back in Feb 2016. But neither site was built in 2016. Both were built in 2018. Is there any way to figure out an accurate date of the first injection? I keep regular backups and I’m trying to avoid using an infected back up when I move the sites to a new host.

Viewing 1 replies (of 1 total)
  • Plugin Author Eli

    (@scheeeli)

    6 years, 7 months ago

    It is possible for the scripts to edit the modified date stamped on the files that get infected to further obscure the actual infection date.

    There is also a date changed and date created which are harder to corrupt but may not help you if the files were there before or have been changed after the infection (as would be the case if they have already been cleaned).

    You could try installing a backup and then checking the stats on those files that you know were infected, but it also may not be needed to restore a backup if you have already completely removed the infection.

Viewing 1 replies (of 1 total)

The topic ‘Query about date infected’ is closed to new replies.