WordPress.org

Ready to get started?Download WordPress

Forums

Malware detected (7 posts)

  1. martincritten
    Member
    Posted 2 years ago #

    Hi, I'm just starting to get to grips with webmaster tools (google) and it detected malware. I've installed antivirus 3. scan and notify and getting a couple of red bars - just discovered the support is in german and no good. But the sotfware shows a block in red where there's a danger then - There is no virus; View line 86require_once( $locale_file ) etc.

    What next ? I'm no coder; and the site lives in dreamhost so theres no FTP launching. Is there a better plug in for detecting and bouncing malware,viruses and trojans without having to dig and root them out manually? Or can anyone advise what to do here.

    Thanks Martin

  2. esmi
    Forum Moderator
    Posted 2 years ago #

  3. martincritten
    Member
    Posted 2 years ago #

    Thanks for pointing me in the right direction; the weirdest thing though, had a scan check done by Securi Site Check, another wordpress rated plug in and it gave me a clean bill of health??? And if I signed up with them to do the biz for me, it would have been 89 dollars a year.

    Will have a read tho - thanks

    Regards martin

  4. perezbox
    Member
    Posted 2 years ago #

    Hi

    What do you mean there is no FTP launching in Dreamhost? They do in fact offer FTP, pull it from your CPANEL in FTP accounts.

    esmi provided a number of good links. Both the ones from SiteCheck and Unmask will give you real time scans of the site and if it finds anything they'll tell you what it is. You can navigate through the pages to remove the infection.

    If you're not looking to do that then another option you have is to download the site directory and have your local AV scan it. If for nothing else to identify where the stuff is. I'd caution against using the default remove or delete though or you might find yourself in a world of hurt.

    Thanks

  5. @perezbox said:

    If you're not looking to do that then another option you have is to download the site directory and have your local AV scan it.

    This will do absolutely nothing and is a waste of time. AV for PCs will not pickup encoded php eval strings. PC virii and php web-based malware are completely different animals.

    @martincritten: Stick with the links @esmi posted.

  6. perezbox
    Member
    Posted 2 years ago #

    Hi @songdogtech

    Are you saying the only infections he should consider are encoded PHP eval strings? Is there nothing else a local AV would pick up from infected files?

    Interesting advise..

  7. perezbox
    Member
    Posted 2 years ago #

    @martincritten

    You sound like a novice, but if you're not there are other methods you can use via SSH. Just let us know.

    If you're curious to see some of the other malware types that could be affecting you take a look here: http://blog.sucuri.net/2012/04/sucuri-sitecheck-web-malware-distribution-march-2012.html. This is a compilation of malware distribution for the month of March, follow the links and it'll give you more info on the various types.

    Local AV's will pick up some of these, without knowing what you have it'll be hard to advise, but never turn away a potential tool... lesson learned long ago..

Topic Closed

This topic has been closed to new replies.

About this Topic