Over the past few days I have found unfamiliar files—random .php, .ico, even oddly-named folders—sprinkled throughout every directory on my dedicated server. WordPress sites that once loaded instantly now throw 404 errors, run painfully slow, and the logs keep flagging unauthorized access attempts. Even after I delete a file, a near-identical copy sometimes reappears, so I know the issue is alive across all server directories, not just a single website. What I need right now is a complete file-level sweep and cleanup. The job is to locate every malicious or suspicious item, quarantine or erase it without touching legitimate code, and then get my WordPress installations back to normal. Once the filesystem is clean, I also want a concise report explaining what was found, what was removed, and recommended next steps to tighten security. In the ftp directory of each cpanel accounts, i see strange folders claiming to be cpanels. is it possible to review the folders and re-create cpanel folders where possible? You’ll be working over SSH with full root access, so experience with tools such as Imunify360, wp-cli integrity checks, and standard permission resets will be useful. Automated scripts are welcome as long as they’re documented for future use. Deliverables: • Comprehensive scan of all server directories • Safe removal or quarantine of infected or suspicious files • Restoration of WordPress sites so pages load correctly and no 404s persist • Post-cleanup report detailing actions taken, files affected, and preventive recommendations I can open a maintenance window to minimise user impact; an initial pass within 24 hours would be ideal. One of my wordpress site is now always down with the below error: [28] Timeout was reached (Operation timed out after 30001 milliseconds with 0 bytes received)