[Zombie_X]

Hi all,
 
I'm sorry guys but I have to vent about some stuff. Some of you know my website had got hacked and malware was installed. The malware was only on ZXAC and it's been a pain. I've had a big bout with it recently and I finally got rid of all the malware coding and files. I re-uploaded all fresh files then locked the directory. I removed access to my friends who had their own accounts and have had no issues for two days. I spoke to tech support at my host and told them that all the code was removed and I revoked all the permissions for that folder and all my other FTP accounts. I told them I would like to have the suspension revoked. They made a support ticket and said someone would get back to me.
 
Well today I go to log into my FTP to finish backing up my whole site only to find the whole ZXAC directory gone and worse is that they even deleted my MySQL database for it. That database held all my customers info, orders, my recently purchased Vbulletin forums software, my new image gallery software, and many other things. The kicker is that I told them I want them to contact me before deleting anything (and they said they would ask for my permission) and now they do this? They deleted not only ZXAC (no back-ups of it because of a recent HDD crash!!) but the entire database for it and even some other folders which were just fine!
 
I contacted support today to explained everything. They said that the said folders were infected but that just BS as I went through every line of code in each folder (took forever) and removed all the bad code that was implanted. I then went on to say that they went above me and deleted stuff from there without y consent. Their response was that the folders were still infected. I told them they weren't because I made the permissions for the folders all so no one could access them. All the corrupted files were replaced and or repaired. There was no more infection. 
 
I also told them because of the deletion that I lost my Vbulletin install and I don't have a copy of the license nor do I have a copy of the image gallery software. I had purchased Vbulletin 6 months back and have been tinkering with it and had just finished it's skin. I no longer have records of the license key and have been trying to get another one from Vbulletin directly. I just recently purchased advanced SSL verification, SiteLock PRO, and even upgraded the hosting through them. 
 
This is truly a bummer! Actually bummer is an understatement. It's a major RAGE inducing episode and I am in rage mode right now. They sunk ZXAC and now I am at a total loss. I spent nearly $400 recently upgrading everything on my site and now this? I can not believe they deleted all of that without asking me nor did they give me any notification of the intent to do so. I had a separate folder on my site that only I could access which had back-ups of my databases, and other files but they deleted it as well!
 
What should I do guys? I think I am in a position for legal action but I want to see what they can do for me.

 

[nikp]

Try out of court settlements such as mediation / conciliation. You don't want to go down the expensive and lengthy court processes buddy. If that doesn't work, go for arbitration then finally there's no other option except for a civil lawsuit (don't forget the juries). I find your statements persuasive and genuine. 
 
 
*I expressly disclaim any responsibility for the opinion/advice provided in the statement. This is not a legal advice. You should consult with your own lawyer for legal advice.

 

[Zombie_X]

Well before we go that way I want to see what they will do. I'll have to keep that in mind though.
 
The only database I have backed up is from when I initially made my site.
 
Quote:

Try out of court settlements such as mediation / conciliation. You don't want to go down the expensive and lengthy court processes buddy. If that doesn't work, go for arbitration then finally there's no other option except for a civil lawsuit (don't forget the juries). I find your statements persuasive. 

 

 

[nikp]

That is one of the worst nightmares in a business and there must be a considerable huge amount of loss that is going on. I hope things will go smoothly for you and your business

 

[Zombie_X]

I know my host makes back-ups but I wonder how old the back-up they have is. I really hope it's within the last month as that's when I finished all my other additions to the site.
 
Also thanks for the kind words my friend. I'm sure they'll right their wrong now that I've stated my case.
 
Quote:

That is one of the worst nightmares in a business and there must be a considerable huge amount of loss that is going on. I hope things will go smoothly for you and your business

 

 

[RandomShortGuy]

I can't really offer any advice, but I'd still like to say I'm sorry. I'm fairly new to the site, but I've come across a number of your posts, all of which were very helpful. Crappy things happen to the best of us unfortunately. I hope things work out for you.

 

[ardgedee]

If you don't have copies of the host's last couple backups, get them ASAP. This will get you the data you want and if you don't know what to do with it, you can find somebody who can.
 
You want more than only the last backup, since that may have been made after the malware was installed or even after the site was wiped.
 
Best of luck. This stuff is agonizing to deal with, and takes time.

 

[tdockweiler]

You could try some unerase software and see if there is anything left to recover. Usually when something is deleted, it's not really gone. You can often recover items to 100% weeks later. I'm guessing you're using Linux so I'm not sure what the recovery software is called, but it should be free. Hopefully they let you login by telnet or using putty.
 
I rent a dedicated server and all this happened before. I ran a PHP poll and that caused my machine to be hacked. One day my domain wasn't loading and the server was taken off by spammers/hackers. They didn't ask me and just formatted everything.
 
Luckily I had a backup. I had this happen so much that I now have a Raid 1 setup and even back that up.
 
See if you can find a recovery software and try to recover what you can. It's probably still possible.

 

[Zombie_X]

Well some good news!
 
My host was able to restore my MySQL database and most of the files. Not all files are present via the FTP but they said that's all they could do. 
 
I might as well start all over and use different cart software. Maybe one that has more security. ZenCart is great but I want something a bit more secure.

 

[nikp]

Oh that's a relief! Great news!

 

[cifani090]

Wheww, thank gosh they were able to help you. Congrats on the long journey!

 

[Zombie_X]

Indeed it is!!
 
Quote:

Oh that's a relief! Great news!

 
 
Yeah I'm happy restoration was possible. Thankfully all I had to do was re-upload a few specific files and presto ZXAC is back-up and running once again! I'm so happy I got my database back. That mattered most to me.
 
Now I backed up everything and downladed my database and burned everything to a DVD-R. Safe keeping time it is.
 
Quote:

Wheww, thank gosh they were able to help you. Congrats on the long journey!

 

 

[tdockweiler]

I use 1shoppingcart, but it's not free and runs off a secure website. No configuration needed! Saves me a lot of hassle.
I'm looking into OpenCart, but requires a commercial plugin for use with my merchant account.
Quote:

Well some good news!
 
My host was able to restore my MySQL database and most of the files. Not all files are present via the FTP but they said that's all they could do. 
 
I might as well start all over and use different cart software. Maybe one that has more security. ZenCart is great but I want something a bit more secure.