Mobile app version of vmapp.org
Login or Join
Sarah324

: Google detects Malware on my website Recently Google has been blocking my website after detecting Malware on it. I have checked through the files and can't spot any Malware that might have been

@Sarah324

Posted in: #Google #Malware

Recently Google has been blocking my website after detecting Malware on it. I have checked through the files and can't spot any Malware that might have been inserted anywhere and no additional files have been added from what I can see. In the diagnostics> Malware section og googles webmaster tools for the site it says "Malware Google has not detected any malware on this site." Also on stopbadware.org the website is not on their clearing house.

The site is melfordschoolofmotoring.co.uk.

So why is google detecting malware?

10.02% popularity Vote Up Vote Down


Login to follow query

More posts by @Sarah324

2 Comments

Sorted by latest first Latest Oldest Best

 

@Chiappetta492

Is also connecting to the following host
146.185.254.245/s.php andhttp://91.196.216.49/s.php.

just delete the whole folder from your host, and upload fresh files, look in google to secure website using the htaccess file.

Change ftp password as well, something similar happened to my website a while ago, all my php files where infected with a malicious script. My hosting provider was massively attacked and the attackers created a script to infect many websites in this host.

10% popularity Vote Up Vote Down


 

@Turnbaugh106

The message I get in chrome says:


melfordschoolofmotoring.co.uk contains content from 31.184.242.103, a
site known to distribute malware. Your computer might catch a virus if
you visit this site.


If you look at your website's headers using livehttp headers (see note below about how I found this code) you'll see a request for 146.185.254.245/s.php which is probably what is inserting the code below into the head of your page before the dtd:- var _0x8ab7=

It's stealthy because I couldn't see this code in chrome or an agent that looks at the page as if it's the googlebot, only in a private browsing session in firefox.

I would check your include files, htaccess files and root directory very carefully to look for signs of a hack. I would also check your file and directory permissions are 755 for directories and 644 for files.

Beyond that consider some security software like website defender and signing up for webmaster tools. Once you've found and cleaned up the infection submit a reconsideration request to google via the webmaster tools account.

I could just be the hack, but your site's performance is pretty bad, it may be worth considering a new host as page load speed is a factor for google and I can't see why some simple php includes would take so long to load. Keep an eye on performance once you've cleaned up.

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme