Reported Attack Site!
This web site at www.remivladuceanu.com has been reported as an attack site and has been blocked based on your security preferences….
After deleting the following malware script from my main index page and requested a review on Google’s Webmaster Tools, I still get the same message.
Here’s the script I found (also I discovered it was injected in robots.txt)
My site has WordPress installed and I wouldn’t want to delete everything and install it again…
What else could I do? Is there a service that scans my online pages to detect and remove malware? Or how can i solve this issue?
Thanks you
You still have that infectious code in some of your files.
I found it in:
parapanta/index.html
recommends/InfoMillionaire/index.html
freelinks/index.html
contact/index.html
If you remove all of them, then you might be clean. It’s too difficult to tell if it’s in your database or just infected in the index.html files although as I type this, if it’s only in the index.html files I would think that it’s the result of a virus on a PC with FTP access to this website.
The viruses steal FTP login credentials from PCs (not Macs – yet), sends them to a server which then carries out the infection.
These viruses also “learn” how to evade detection from the currently installed anti-virus program so you may need to install a different anti-virus program than what you’re currently using.
Many have reported good success with AVG, Avast or Avira. If you already use one of these, install one of the others. Use this with Malwarebytes and you should be able to find and remove the virus/trojan.
Then change all FTP passwords to your website.
After all of that, request a review from Google (not a reconsideration).
Post back here with any questions or results you may have.
Thank you.
Thomas J. Raef
“We Watch Your Website – so you don’t have to!”
http://www.wewatchyourwebsite.com
traef@wewatchyourwebsite.com
Thomas,
Thank you so much for replying to my message. I did as you suggested and found some bugs on my PC with Avast and also with Malwarebytes.
I cleaned my PC and changed the master-password on my ftp account from cpanel.
But in google’s webmaster tool my sites where still listed as dangerous.
So I had to manually browse all my files and directories and look for the mentioned script. Luckily for me, the malware was inserted only in index files.
I deleted all the bad code and sent a new request to google.
I just checked my account and I’m happy to say, google is pleased :)
I still don’t know if the malware is resident in my database. Is there a way to find out?
Anyways, thank you again for helping me. I appreciate it very much. i was beginning to think that I won’t be able to solve this issue.
And since I’m not a professional programmer or have anything to do with website security, you can probably guess how terrified I was :)
As a sign of appreciation I would like to post a review about http://www.wewatchyourwebsite.com if it’s ok with you. Just let me know and I’ll get right to it… It’s the least I can do…
Remi Vladuceanu
http://www.remivladuceanu.com
Aw shucks.
I can’t stop you from posting a review. (I wouldn’t anyway)
Thank you for the feedback.
As far as your database goes, you can do a mysqldump to a text file and scan through that with a text editor.
I’m not sure if your hosting provider uses cpanel or some other access to phpmyadmin, but if you need help in doing the mysqldump, let the forum know and either we’ll help you or somebody else will.
It sounds like you’ve cleaned it all, but it’s always a good idea to check it anyway.
Thank you againg for the kind words.
Thomas J. Raef
“We Watch Your Website – so you don’t have to!”
http://www.wewatchyourwebsite.com
traef@wewatchyourwebsite.com
