need to remoe some virus/threats from a website

Posted on 2010-01-02
Last Modified: 2013-11-22

hello group,

I was checking a website (given to me to fix) and I noticed when I browse or get to a page having images AVG throws a message showing the path/image file name claiming :

"exploit link to known exploit site"

What is this ?
How can I clean it ?

Question by:akohan
    LVL 17

    Expert Comment

    Download and scan with MBAM here...

    Sounds like some sort of redirector or hijack.

    Author Comment


    do you mean I have to scan/clean server?

    LVL 38

    Accepted Solution


    It sounds like you've been hit by an iframe injection or something similar.

    There's some good information in this previously asked question:

    In general, you are going to need to examine all of the files on your web server, and remove any iframes or links that don't belong. The fastest way to do this is to overwrite the web files with a clean version from your local system - but beware, sometimes it's your local system that's infected, and you are transmitting it to the website (had a client with that problem just last month - I spent a day cleaning up his website, only for him to re-connect and re-infect it all).

    You also need to change your web hosting passwords, and you may need to work on cleanup with your hosting provider - they need to help determine how the attackers got in, so they don't come back and re-install the nasties again. If you have any forms, a Content Management System or shopping cart, etc, they may be getting in that way, so you'll need to check that code to make sure they can't come back.

    Hope that helps,

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Threat Intelligence Starter Resources

    Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

    I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
    This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
    Learn how to set up basic frames and paths in Prezi and understand the open space that Prezi allows you to create presentations in.
    Learn how to download your full Prezi presentation for offline presenting. Prezi doesn’t have to be viewed and shared in a web browser, even with a free account you can download your full presentation to share with others. Be sure to download any vi…

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now