Solved

Bing thinks website contains malware, google does not (any more); what to do?

Posted on 2014-07-31
8
179 Views
Last Modified: 2015-03-18
The website zettlercontrols.com has a malware infection. The infection modified some JavaScript files within wordpress and created an iframe to redirect the user (that what google told me).

I cleaned all the files pointed out by Google webmaster tools and Google confirmed that it is clean now.

However, Bing Webmaster tools thinks it is still infected but does not tell me where the infection is.

I installed Comodo Virus scan for Ubuntu and it did not find any infection.

Can somebody recommend a good Malware scanner (online scanner or for installation) working with Ubuntu 14.04?

You may take a peak at www.zettlercontrols.com, but be aware that this site might be infected. If you do so, it is at your own risk.

Thank you for helping.
0
Comment
Question by:zettler92656
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 27

Expert Comment

by:Thomas Zucker-Scharff
ID: 40233139
Try an f-secure online scan.  You can also upload any suspicious files to virustotal.com.
0
 
LVL 80

Accepted Solution

by:
David Johnson, CD, MVP earned 168 total points
ID: 40233155
http://sitecheck.sucuri.net/results/www.zettlercontrols.com/
reports that sohos has blacklisted your site and you are using an outdated version of apache
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 166 total points
ID: 40234048
"apt-get upgrade" will install all applicable patches.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:zettler92656
ID: 40235356
I got more information. Yandex thinks that the Trojan is called "JSRedir-LH". Does someone has experience with how to detect and remove?
0
 
LVL 62

Expert Comment

by:gheist
ID: 40235378
So your site has been hacked. Install new server and restore from backup before incident.
0
 
LVL 27

Assisted Solution

by:skullnobrains
skullnobrains earned 166 total points
ID: 40242536
variants of this malware are known to steal ftp passwords and infect sites so you additionally most likely need to use different passwords. it is also more than likely likely that at least one of the hosts used to update the site is infected (possibly by a different malware)

grab an idea here : http://en.wikipedia.org/wiki/Gumblar it is not exactly the same as yours but shares quite a few concepts including infecting sites with redirectors
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
I've been an avid user and supporter of Malwarebytes Premium Version 2.x for years. It's an excellent product that runs alongside just about any Anti-Virus application without issues. It seems to have an uncanny ability to pick up many things that A…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question