Hi
Yesterday i got an meesage from google that my site may have badware or badware links so it may harm other computers. So checked and found a file in ftp as public_html.hacked and i removed it so how can i know that the malware or badware are still in hidden my site or if it clears how can i contact google to say that my site is clean of badware or malware right now? Help me please . my site is http://loseweightfastpro.com
zshan
Hello :-),
Jaal Scan ID # 689436-721 output
Malicious code detected on line 286 of loseweightfastpro.com
starts with
<!—if rame src=“hxxp://n ipk elo.net/?click=241713” width=1 height=1 style="visibili>
Please look at the copy of the page on the server, if you cannot locate this code, it is probably being injected at runtime, when a user is requesting the page. It might be useful to then wipe out the hosting directory and check for malware, on the server and in the backend database. You can also ask for help from your hosting provider. Please check out other pages too.
If you have any specific issues feel free to ask for help.
Also, I am collecting info from people affected by attacks like this, if it would be possible for you to share your experience, could you kindly shoot me a mail at a.banerje e @ s top the hac ker .com (please remove the spaces).
We also provide vulnerability identification and mitigation services to help websites from being infected in the first place.
Hope this helps,
-A
Dr. Anirban Banerjee,
Jaal LLC, Riverside, CA.
www.stopthehacker.com
Jaal: Protecting the Internet, one website at a time™
In addition to the page that anirban identified, there are multiple other pages with the same code. You may want to request the full scan from Dasient to identify other pages.
http://wam.dasient.com/wam/diagnose?URL=loseweightfastpro.com&scan_id=22433
(copy and paste this URL in your browser)
In addition, you may want to use the following resources to guide you in thoroughly reviewing your site.
Tips for Cleaning & Securing your Website
How to remove the ‘This site may harm your computer’
Once you are certain that your site is clean and secure, you should “Request a Review” through your Google Webmaster Tools account. Your site must be added and ownership verified before you will be able to see the malware warning and get to the “Request a Review” link.
Google Webmaster Tools
Google Malware FAQ – Request a Review
Edit: I didn’t see your last post before I posted my response. Please ask your hosting provider to assist you in determining how your site got hacked, so that the vulnerability can be fixed. You don’t want this to happen again as soon as you get it fixed.
I don’t see the previous problems. Go ahead and “Request a Review” through Google Webmaster Tools. Links provided in my previous post.
*Add the site to Google Webmaster Tools
*Verify ownership of the site
*Select the site so you can see the Dashboard for that site
*Click on [ More Details } from the red malware warning bar
*Click on “Request a Review” and complete the form
*Wait a few hours to a day or so for the warning to be removed from the search results (IF the site is clean)
*Check your messages in Google Webmaster Tools for messages related to the status of your review
*Clean your local computer of any virus/trojan capable of capturing FTP credentials and change all of your passwords – many current web-site hacks are the result of stolen FTP credentials being used by the hackers to modify your site
*Upgrade any blog, forum, gallery, CMS or other script to reduce vulnerabilities created by outdated code
*Confirm that the web-host has updated anything they are responsible for
