What to do with a Malware-holder website, when you are its owner

[farzadina]

I have 3 domain on my Host. 2 numbers of them have Malware. (as google say)

I have several questions about this:

1. My 3 website files are in 3 different folders. Can a damaged folder (= folder that have Malware), make the others damaged (= give other folders that virus)?

2. Can a full-format clean the host?

3. One my Websites made by WordPress. If I get a backup of my posts, and then format the host, install wordpress and upload my posts again, can the Malware back to the hosts? (Can the Malware be in my posts backup?)

4. Is formatting the host and then Install wordpress again and upload my posts backup, bad for SEO?

Thanks.

[Paulie_D]

Quite often Chrome will throw out the ‘Malware’ warning if there are links to other sites which contain malware. I’ve seen it when a user’s avatar was hosted elsewhere and that site had it. Once the avatar was deleted the warning went away.

You might want to check exactly what it is that Google are saying. Is it that your site contains malware or that it ‘contains links’ to malware?

That might make a difference.

[farzadina]

Ok, I contacted my – Linux – host administrator and they get a full scan of my files and found 5 .php virus in one of my domains. I deleted all of that domain (I don’t need that anymore)
Can I be sure that my host is totally clean and make a GoogleWMT review?

[farzadina]

No, they are mine.
There is 3 domain on my public_html. How I can be sure that no file of them haven any virus or malware script?

[farzadina]

One of my Websites made by WordPress. If I get a backup of my posts > format the host > install wordpress and upload my posts again, can the Malware back to the host? (Can the Malware script be in my posts backup?)

[chrisburton]

Which WordPress files were compromised?

[BobbyJones]

Make sure you have up-to-date anti virus software installed on ALL computers that you own that have administrative and FTP access to your servers then run a FULL (emphasis on full NOT quick) scan on ALL of your computers. This will eliminate the possibility of them gaining access to your server through a Trojan on one of your computers. After that you can scan your site to see if it still has malware via many online site security companies like Sucuri (http://sucuri.net/) or Website Defender (http://www.websitedefender.com/). Hope this helps.

[farzadina]

@BobbyJones After a Full local scan and cleaning my PC, how I can remove my current website’s malware(s)? Should I use a – premium account of a – defender website or I can do that with a manual check?

@traq I contacted them. They said I remove all of my host’s files and then upload them again, with a strong exactitude. I’m not sure about this solution.
@ChristopherBurton Sorry, I couldn’t understand your purpose about compromised files.

[chrisburton]

Which files were compromised, as in hacked?

[mevaser]

I have fixed website that have this problem, first question, what server service do you use? How much do they help you. If you need some help send me an email.

Cheers,

[BobbyJones]

To clean the malware from your site does require some expertise, if you are not comfortable with or not experienced with dealing with site security issues like this then yes I would recommend you sign-up with either Sucuri or website defender. These companies will clean your site for you, as well as doing some basic things to try to prevent your site from becoming re-infected, additionally they will monitor your site so long as you have an account with them, and keep cleaning your site should it get malware again.

[chrisburton]

@traq is correct. My hosting company even went as far as terminating accounts to those who weren’t updating WordPress as it was effecting other account holders.

[farzadina]

@traq Maybe I said something about my host client wrong. These are my sites, not their sites. And this malware is -only – in my website’s files. Also with this description, should they be responsible and interested in fixing problem by them selves? If yes, it looks I should get a better host!

@mevaser I sent you a message.

@BobbyJones Thanks. If I migrate to a suitable host – like HostGator – should I use those security websites yet or they (e.g. Hostgator) do that for me?
@ChristopherBurton I don’t know completely with files were compromised, I think some javascript codes made me this problem. Was that what your purpose?

[farzadina]

I think you can help me to remove the malware code by my self, because all of my files are less than 30 number. (all of the .html .js and .css files)
*As I said, I have 3 domains. I checked them on Sucuri, just 2 number of them have malware and blacklisted and one of them is 100% clean.
I get a full scan of my PC with Nod32, and now I can say it’s clean. So should do the second step and cleaning my host.
I need your help to do that:
I removed all of website’s files, but yet ‘Sucuri’ say me that there is malware-holder file yet. Why? (My host show hidden files also)
Can the malware be somewhere else that public_html?
The sucuri say that security warning URL is on: http://mydomain.com/404javascript.js
Why/How I can’t/can see that file?

Thanks.

[skunkbad]

Also, besides the good advice that BobbyJones gave about making sure your computers don’t have viruses or trojans, make sure to use encrypted FTP, and make sure you don’t store your passwords on your computer. Once, about 3 years ago, I was on my home network and doing some plain FTP. The websites I was working on got malicious code, and even after I removed it, it just kept coming back. The problem was that my mom’s computer, on the same network, had a trojan/virus that was sniffing network traffic. It was taking my FTP login and sending it out to somebody else, and then that person could do anything they wanted to do to my websites! If I had used encrypted FTP, it would have never happened. I was reading about the trojan/virus, and it was capable of grabbing stored passwords, so I stopped storing them on the computer. Yes, it is a hassle to enter them every time, but it will save you from big headaches.

[Author]

Posts