1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Malicious Content On My Site

Discussion in 'White Hat SEO' started by bpenn34, Jan 21, 2012.

  1. bpenn34

    bpenn34 Junior Member

    Joined:
    Mar 28, 2010
    Messages:
    104
    Likes Received:
    11
    I went to check on my ecommerce store today and google informed me I have malicious content on my site. I have no idea how to remove it. I cannot even figure out what files I need to repair. Anybody know how to fix this problem? I changed all my passwords. Any help would be appreciated


    On a side note. BHW is also listed as having malware but thats not gonna stop me from reading the forums :p
     
  2. the_demon

    the_demon Jr. Executive VIP

    Joined:
    Nov 23, 2008
    Messages:
    3,177
    Likes Received:
    1,563
    Occupation:
    Search Engine Marketing
    Location:
    The Internet
    Sometimes it's a false report if you encrypt your JavaScript code.
     
  3. HostStage

    HostStage Jr. VIP Jr. VIP Premium Member UnGagged Attendee

    Joined:
    May 20, 2010
    Messages:
    1,771
    Likes Received:
    1,730
    Occupation:
    BHW - CEO of Webhosting Company
    Location:
    BWH from France
    Home Page:
    Well unfortunatly i start to have a bit experience in that peculiar field.

    What you want to do is to download your whole website directory and compare it to the one you have on your computer.

    Try with the index.php file.

    then once you have found what is different and identify the malicious code, you open a program such as dreamweaver :

    Ctrl + F : select the folder you have downloaded
    Paste the code you want to remove
    Replace it with nothing

    Reupload your website, and change the password AFTER you did so.


    My 2cents, GL
     
  4. BHopkins

    BHopkins Moderator Staff Member Moderator Jr. VIP

    Joined:
    Dec 31, 2010
    Messages:
    2,311
    Likes Received:
    1,387
    Gender:
    Male
    Occupation:
    ORM and SEO company owner
    Location:
    California
    Home Page:
    A good host can find the infected files. Hostgator found and cleaned over 40 files for me and gave me a list of outdated Wordpress installs.
     
  5. HostStage

    HostStage Jr. VIP Jr. VIP Premium Member UnGagged Attendee

    Joined:
    May 20, 2010
    Messages:
    1,771
    Likes Received:
    1,730
    Occupation:
    BHW - CEO of Webhosting Company
    Location:
    BWH from France
    Home Page:
    I agree with this, you could ask to your web hosting services to do it for you.

    If they don't want and you don't know how, hit me up with a PM, i may be able to help you.
     
  6. benmarvin

    benmarvin Junior Member

    Joined:
    Sep 18, 2008
    Messages:
    116
    Likes Received:
    13
    There's various scanners you can run for any domain. Also Wordpress plugins that can search for malicious code.
     
  7. bizroot

    bizroot Supreme Member

    Joined:
    Feb 25, 2008
    Messages:
    1,345
    Likes Received:
    912
    Location:
    In My Computer
    Just ask your webshosting provider and they will clean it, also change your cpanel, ftp passwords, delete any unwanted ftp or other user accounts... Not tough it happens with every one especially when you keeping easy passwords...
     
  8. BFHoodn!nja

    BFHoodn!nja Regular Member

    Joined:
    Jun 18, 2011
    Messages:
    246
    Likes Received:
    89
    This happened to me this morning too. I went straight to site.org/wp-login and google chrome warned me there might be malicious content/malware on the site and asked me if I wanted to continue. I panicked, check the site with google safebrowsing diagnostics:

    Code:
    http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=YOURSITE.COM&client=googlechrome&hl=en
    and it showed nothing. Then I told friends to go to my site with chrome and even checked it on another site and again no warning...
     
  9. TR0J4N

    TR0J4N Registered Member

    Joined:
    Jul 16, 2010
    Messages:
    99
    Likes Received:
    17
    Occupation:
    unemployed
    Location:
    My PC
    try to scan your website

    Code:
    http://www.unmaskparasites.com

    Code:
    http://sitecheck.sucuri.net/scanner/
     
  10. JackSparrow

    JackSparrow Supreme Member

    Joined:
    Mar 24, 2007
    Messages:
    1,469
    Likes Received:
    2,054
    Occupation:
    Semi-Employed Pirate
    Location:
    search 4 blackhatsparrow
    Home Page:
    This happened to me when i was using scrapebox a lot, maybe the webmasters were reporting my website for excessive spam.
     
  11. BFHoodn!nja

    BFHoodn!nja Regular Member

    Joined:
    Jun 18, 2011
    Messages:
    246
    Likes Received:
    89
    Edit: fixed it now! Thanks for those sites
     
    Last edited: Jan 21, 2012
  12. MKelly

    MKelly Regular Member

    Joined:
    Aug 27, 2010
    Messages:
    233
    Likes Received:
    117
    Location:
    UK
    Always keep wordpress up to date, have very long passwords with special characters in them.