Forums

The forums ran from 2008-2020 and are now closed and viewable here as an archive.

Home Forums Other What to do with a Malware-holder website, when you are its owner

  • This topic is empty.
Viewing 15 posts - 1 through 15 (of 21 total)
  • Author
    Posts
  • #38255
    farzadina
    Participant

    I have 3 domain on my Host. 2 numbers of them have Malware. (as google say)

    I have several questions about this:

    1. My 3 website files are in 3 different folders. Can a damaged folder (= folder that have Malware), make the others damaged (= give other folders that virus)?

    2. Can a full-format clean the host?

    3. One my Websites made by WordPress. If I get a backup of my posts, and then format the host, install wordpress and upload my posts again, can the Malware back to the hosts? (Can the Malware be in my posts backup?)

    4. Is formatting the host and then Install wordpress again and upload my posts backup, bad for SEO?

    Thanks.

    #103615
    Paulie_D
    Member

    Quite often Chrome will throw out the ‘Malware’ warning if there are links to other sites which contain malware. I’ve seen it when a user’s avatar was hosted elsewhere and that site had it. Once the avatar was deleted the warning went away.

    You might want to check exactly what it is that Google are saying. Is it that your site contains malware or that it ‘contains links’ to malware?

    That might make a difference.

    #103626
    farzadina
    Participant

    Ok, I contacted my – Linux – host administrator and they get a full scan of my files and found 5 .php virus in one of my domains. I deleted all of that domain (I don’t need that anymore)
    Can I be sure that my host is totally clean and make a GoogleWMT review?

    #103649
    farzadina
    Participant

    No, they are mine.
    There is 3 domain on my public_html. How I can be sure that no file of them haven any virus or malware script?

    #103763
    farzadina
    Participant

    One of my Websites made by WordPress. If I get a backup of my posts > format the host > install wordpress and upload my posts again, can the Malware back to the host? (Can the Malware script be in my posts backup?)

    #103786
    chrisburton
    Participant

    Which WordPress files were compromised?

    #103794
    BobbyJones
    Member

    Make sure you have up-to-date anti virus software installed on ALL computers that you own that have administrative and FTP access to your servers then run a FULL (emphasis on full NOT quick) scan on ALL of your computers. This will eliminate the possibility of them gaining access to your server through a Trojan on one of your computers. After that you can scan your site to see if it still has malware via many online site security companies like Sucuri (http://sucuri.net/) or Website Defender (http://www.websitedefender.com/). Hope this helps.

    #103805
    farzadina
    Participant

    @BobbyJones After a Full local scan and cleaning my PC, how I can remove my current website’s malware(s)? Should I use a – premium account of a – defender website or I can do that with a manual check?

    @traq
    I contacted them. They said I remove all of my host’s files and then upload them again, with a strong exactitude. I’m not sure about this solution.
    @ChristopherBurton Sorry, I couldn’t understand your purpose about compromised files.

    #103811
    chrisburton
    Participant

    Which files were compromised, as in hacked?

    #103814
    mevaser
    Participant

    I have fixed website that have this problem, first question, what server service do you use? How much do they help you. If you need some help send me an email.

    Cheers,

    #103816
    BobbyJones
    Member

    To clean the malware from your site does require some expertise, if you are not comfortable with or not experienced with dealing with site security issues like this then yes I would recommend you sign-up with either Sucuri or website defender. These companies will clean your site for you, as well as doing some basic things to try to prevent your site from becoming re-infected, additionally they will monitor your site so long as you have an account with them, and keep cleaning your site should it get malware again.

    #103817
    chrisburton
    Participant

    @traq is correct. My hosting company even went as far as terminating accounts to those who weren’t updating WordPress as it was effecting other account holders.

    #103822
    farzadina
    Participant

    @traq Maybe I said something about my host client wrong. These are my sites, not their sites. And this malware is -only – in my website’s files. Also with this description, should they be responsible and interested in fixing problem by them selves? If yes, it looks I should get a better host!

    @mevaser
    I sent you a message.

    @BobbyJones
    Thanks. If I migrate to a suitable host – like HostGator – should I use those security websites yet or they (e.g. Hostgator) do that for me?
    @ChristopherBurton I don’t know completely with files were compromised, I think some javascript codes made me this problem. Was that what your purpose?

    #103829
    farzadina
    Participant

    I think you can help me to remove the malware code by my self, because all of my files are less than 30 number. (all of the .html .js and .css files)
    *As I said, I have 3 domains. I checked them on Sucuri, just 2 number of them have malware and blacklisted and one of them is 100% clean.
    I get a full scan of my PC with Nod32, and now I can say it’s clean. So should do the second step and cleaning my host.
    I need your help to do that:
    I removed all of website’s files, but yet ‘Sucuri’ say me that there is malware-holder file yet. Why? (My host show hidden files also)
    Can the malware be somewhere else that public_html?
    The sucuri say that security warning URL is on: http://mydomain.com/404javascript.js
    Why/How I can’t/can see that file?

    Thanks.

    #103830
    skunkbad
    Member

    Also, besides the good advice that BobbyJones gave about making sure your computers don’t have viruses or trojans, make sure to use encrypted FTP, and make sure you don’t store your passwords on your computer. Once, about 3 years ago, I was on my home network and doing some plain FTP. The websites I was working on got malicious code, and even after I removed it, it just kept coming back. The problem was that my mom’s computer, on the same network, had a trojan/virus that was sniffing network traffic. It was taking my FTP login and sending it out to somebody else, and then that person could do anything they wanted to do to my websites! If I had used encrypted FTP, it would have never happened. I was reading about the trojan/virus, and it was capable of grabbing stored passwords, so I stopped storing them on the computer. Yes, it is a hassle to enter them every time, but it will save you from big headaches.

Viewing 15 posts - 1 through 15 (of 21 total)
  • The forum ‘Other’ is closed to new topics and replies.