?
Solved

Bing thinks website contains malware, google does not (any more); what to do?

Posted on 2014-07-31
8
Medium Priority
?
199 Views
Last Modified: 2015-03-18
The website zettlercontrols.com has a malware infection. The infection modified some JavaScript files within wordpress and created an iframe to redirect the user (that what google told me).

I cleaned all the files pointed out by Google webmaster tools and Google confirmed that it is clean now.

However, Bing Webmaster tools thinks it is still infected but does not tell me where the infection is.

I installed Comodo Virus scan for Ubuntu and it did not find any infection.

Can somebody recommend a good Malware scanner (online scanner or for installation) working with Ubuntu 14.04?

You may take a peak at www.zettlercontrols.com, but be aware that this site might be infected. If you do so, it is at your own risk.

Thank you for helping.
0
Comment
Question by:zettler92656
6 Comments
 
LVL 30

Expert Comment

by:Thomas Zucker-Scharff
ID: 40233139
Try an f-secure online scan.  You can also upload any suspicious files to virustotal.com.
0
 
LVL 85

Accepted Solution

by:
David Johnson, CD, MVP earned 672 total points
ID: 40233155
http://sitecheck.sucuri.net/results/www.zettlercontrols.com/
reports that sohos has blacklisted your site and you are using an outdated version of apache
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 664 total points
ID: 40234048
"apt-get upgrade" will install all applicable patches.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:zettler92656
ID: 40235356
I got more information. Yandex thinks that the Trojan is called "JSRedir-LH". Does someone has experience with how to detect and remove?
0
 
LVL 62

Expert Comment

by:gheist
ID: 40235378
So your site has been hacked. Install new server and restore from backup before incident.
0
 
LVL 27

Assisted Solution

by:skullnobrains
skullnobrains earned 664 total points
ID: 40242536
variants of this malware are known to steal ftp passwords and infect sites so you additionally most likely need to use different passwords. it is also more than likely likely that at least one of the hosts used to update the site is infected (possibly by a different malware)

grab an idea here : http://en.wikipedia.org/wiki/Gumblar it is not exactly the same as yours but shares quite a few concepts including infecting sites with redirectors
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Spectre and Meltdown, how it affects me and my clients?
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question