graphic_designer
asked on
Website Hacked with Virus, how to find the source?
Recently all the web page I made (index.htm only) were hacked and implanted with viruses. I have since replaced all infected pages with my backup files and they don't have virus warning anymore by the anti virus software. Then 2 days later it was infected again.
I WANT to find the hacked source.
I just replaced all the index.htm pages with all the original, non-infected files. These pages are now not infected. I want to find the source before it gets infected again. I also change all my ftp passwords. The only thing I can think of is I downloaded "filezilla" free ftp upload software days before this happened, and I saved my ftp login on the software. Is this it? or something else? like unverified dreamweaver ?
Please help!
I WANT to find the hacked source.
I just replaced all the index.htm pages with all the original, non-infected files. These pages are now not infected. I want to find the source before it gets infected again. I also change all my ftp passwords. The only thing I can think of is I downloaded "filezilla" free ftp upload software days before this happened, and I saved my ftp login on the software. Is this it? or something else? like unverified dreamweaver ?
Please help!
Check your server that hosts your website.
what phenomenal and how do you know it infected?
I have no clues to guess the problem.
what phenomenal and how do you know it infected?
I have no clues to guess the problem.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Godaddy.com is my hosting server. they are so big, I don't think it's coming from them, I could call them and ask.
I know it was infected because when I access all the website that I made, my anti virus software detects a "malware", google search also warn against visiting my sites. (I have many different domains and pages, but only index.htm and index.htmls are infected) When I look on the server, the files' modification dates are 2 days after my upload. I never logon the day of the modification date.
Just days before this happened, my computer was infected with virus. My pc has since been cleaned and no longer have any viruses. I have changed my ftp passwords.
What do you mean by: "stealing Cached FTP credential" ?
Do I need to change my other "non-ftp" passwords/login info?
What else do I got to do to prevend future website virus infection?
Thanks.
I know it was infected because when I access all the website that I made, my anti virus software detects a "malware", google search also warn against visiting my sites. (I have many different domains and pages, but only index.htm and index.htmls are infected) When I look on the server, the files' modification dates are 2 days after my upload. I never logon the day of the modification date.
Just days before this happened, my computer was infected with virus. My pc has since been cleaned and no longer have any viruses. I have changed my ftp passwords.
What do you mean by: "stealing Cached FTP credential" ?
Do I need to change my other "non-ftp" passwords/login info?
What else do I got to do to prevend future website virus infection?
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
it could have been an hosting probem
CT