SitePoint Sponsor

User Tag List

Results 1 to 6 of 6
  1. #1
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Scanning for malware locally

    Hi

    I have been told by my host there is malware on my website. Google is putting up a big red warning page not to enter my site. I went into webmaster tools to find which pages have been affected. Only the index page was affected. I went into this page and found lots of strange script at the base of the page which i deleted and put the page back up. However google advises me to actually scan this page.

    How can i scan this page locally?

    I have mcaffe on my computer.

    thank you for your time.

  2. #2
    Life is not a malfunction gold trophysilver trophybronze trophy
    TechnoBear's Avatar
    Join Date
    Jun 2011
    Location
    Argyll, Scotland
    Posts
    6,207
    Mentioned
    264 Post(s)
    Tagged
    5 Thread(s)
    Do you not have an option to scan your site on the server? If you're using cPanel, then you should have ClamAV available.

  3. #3
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by TechnoBear View Post
    Do you not have an option to scan your site on the server? If you're using cPanel, then you should have ClamAV available.
    I have plesk unfortunately and I have just checked with the support and there is no facility.

    The page itself is a very simple html and css page. I was actually advised to tkae out the injected code. well when i went into the script of the page there was all this goodledegook at the bottom which I just deleted and put the page back up.

    I just dont want to request a review from Google and for have them to come back to me and say its still unclean.

    I just need a way to scan it locally or remotely

  4. #4
    Certified Ethical Hacker silver trophybronze trophy dklynn's Avatar
    Join Date
    Feb 2002
    Location
    Auckland
    Posts
    14,653
    Mentioned
    19 Post(s)
    Tagged
    3 Thread(s)
    c27,

    If you're on a 'nix host (Plesk is primarily used by Windows hosts), you can have the host setup a "maldet scan" in CRON.

    If you download your website files, you can easily run a WinMerge comparison between your "master files" and the downloaded files.

    However, since you HAVE been hacked, change all your passwords immediately, remove FTP accounts, etc., as detailed in another recent thread.

    Regards,

    DK
    David K. Lynn - Data Koncepts is a long-time WebHostingBuzz (US/UK)
    Client and (unpaid) WHB Ambassador
    mod_rewrite Tutorial Article (setup, config, test & write
    mod_rewrite regex w/sample code) and Code Generator

  5. #5
    SitePoint Evangelist
    Join Date
    May 2007
    Location
    Kent in Uk
    Posts
    538
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks guys.

    I did it locally in the end using Macaffee. I've now put it back up, Google reviewed it and have taken down the warning page.

    Thanks for your help,

    regards,

    Nick

  6. #6
    SitePoint Member
    Join Date
    Aug 2011
    Location
    New Jersey, USA
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It's very possible to scan the infected page locally, but first I'd download the files into an external drive and perform full scans using a current version of anti-virus software already loaded on the system. Chances are that the infections would be detected and removed successfully.
    Quality Tech Support for resolving virtually all computer related technical issues!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •