Solved

Bing thinks website contains malware, google does not (any more); what to do?

Posted on 2014-07-31
8
168 Views
Last Modified: 2015-03-18
The website zettlercontrols.com has a malware infection. The infection modified some JavaScript files within wordpress and created an iframe to redirect the user (that what google told me).

I cleaned all the files pointed out by Google webmaster tools and Google confirmed that it is clean now.

However, Bing Webmaster tools thinks it is still infected but does not tell me where the infection is.

I installed Comodo Virus scan for Ubuntu and it did not find any infection.

Can somebody recommend a good Malware scanner (online scanner or for installation) working with Ubuntu 14.04?

You may take a peak at www.zettlercontrols.com, but be aware that this site might be infected. If you do so, it is at your own risk.

Thank you for helping.
0
Comment
Question by:zettler92656
8 Comments
 
LVL 26

Expert Comment

by:Thomas Zucker-Scharff
ID: 40233139
Try an f-secure online scan.  You can also upload any suspicious files to virustotal.com.
0
 
LVL 78

Accepted Solution

by:
David Johnson, CD, MVP earned 168 total points
ID: 40233155
http://sitecheck.sucuri.net/results/www.zettlercontrols.com/
reports that sohos has blacklisted your site and you are using an outdated version of apache
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 166 total points
ID: 40234048
"apt-get upgrade" will install all applicable patches.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:zettler92656
ID: 40235356
I got more information. Yandex thinks that the Trojan is called "JSRedir-LH". Does someone has experience with how to detect and remove?
0
 
LVL 61

Expert Comment

by:gheist
ID: 40235378
So your site has been hacked. Install new server and restore from backup before incident.
0
 
LVL 26

Assisted Solution

by:skullnobrains
skullnobrains earned 166 total points
ID: 40242536
variants of this malware are known to steal ftp passwords and infect sites so you additionally most likely need to use different passwords. it is also more than likely likely that at least one of the hosts used to update the site is infected (possibly by a different malware)

grab an idea here : http://en.wikipedia.org/wiki/Gumblar it is not exactly the same as yours but shares quite a few concepts including infecting sites with redirectors
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

In every aspect, security is essential for your business, and for that matter you need to always keep an eye on it. The same can be said about your computer network system too. Your computer network is prone to various malware and security threats t…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now