Help Finding Hacker Malware

by 101millionAds

Posted: 12 years ago 8 replies

PROGRAMMING

Hello,

Unfortunatly all of my websites was hacked some time ago and i still have not found the redirect code that the hacker implemented to redirect all of my websites to a website called Gafa-pro.ru

I have installed a plugin called bulletproof sequrity and that helps my sites from being redirected by creating a new htaccess file but the code/malware is still somewhere in the files.

Is there anyone here who knows how to locate this hacker in my files - I actuall don't know where to look anymore

Annette

#finding #hacker #malware

OldLodgeSkins 12 years ago

Hi,

Did you look if there was a meta redirect in your header?
Also try to disable JavaScript in your browser. If you don't get redirected then it's some JS code somewhere that's executed when the page loads. If you do get redirected with JS disabled then it's most likely a meta redirect.

Seb.
- Thanks
Signature

Do you use Facebook ? Then you can make money just by inviting people to a Facebook group ! It's called the Instant Income System. How cool is that?
{{ DiscussionBoard.errors[6281029].message }}
101millionAds 12 years ago

I disabled Javascript and nothing happend.Any idea on what code to seach for in the header.php?
- Thanks
Signature

It's official: Instant Article Wizard 4.0 (IAW4) has launched!
{{ DiscussionBoard.errors[6282712].message }}
OldLodgeSkins 12 years ago
It doesn't have to be in the header if it's a JS redirection.
A typical JS redirection would look like this:
Code:

<script type="text/javascript">  </script>
So have a look at the source code of your page once it is loaded and search for something similar.
Searching for the word "location" should help you find it. Then you'll have a confirmation it's a JS redirection and maybe that'll give you an idea where it is.
- [ 1 ] Thanks
Signature

Do you use Facebook ? Then you can make money just by inviting people to a Facebook group ! It's called the Instant Income System. How cool is that?
{{ DiscussionBoard.errors[6283555].message }}
electrobooks 12 years ago

Hi Annette,

Look for a free site scanner online and run it. Its likely that searching for the url wont work as it will be encoded. Once you find a file with the offending code in it you can search all of your files for that offending string of code.

There are a number of free site scanners online and I use them on all of my hosting accounts as you can easily identify the files that have been hacked.

Cheers

Chris
- [ 1 ] Thanks
{{ DiscussionBoard.errors[6283926].message }}
CrossHash 12 years ago

Hi Annette .. whats the website address ?
- Thanks
Signature

Paul Morris
{{ DiscussionBoard.errors[6291643].message }}
101millionAds 12 years ago

Hi,

I got all my websites hacker free 2 days ago with the help of a great guy at Bluehost support
- Thanks
- 1 reply
Signature

It's official: Instant Article Wizard 4.0 (IAW4) has launched!
{{ DiscussionBoard.errors[6302590].message }}
- System Wide Solutions 12 years ago
  
  Originally Posted by 101millionAds
  
  Hi,
  
  I got all my websites hacker free 2 days ago with the help of a great guy at Bluehost support
  
  Didnt they tell you about where was the code?
  
  Thanks
  
  Signature
  
  | SEO Consultant | Shane Hunter |
  
  {{ DiscussionBoard.errors[6395187].message }}
pavionjsl 12 years ago

One free online scanner is Sucuri SiteCheck - Free Website Malware Scanner
- Thanks
Signature

Dog Attacks Getting Worse In London
{{ DiscussionBoard.errors[6384157].message }}

Help Finding Hacker Malware

Trending Topics

A healthy fascination for Hollywood...

How did you turn it all around?

Any thoughts on golf's latest phenom...Scottie Scheffler??

What's the Best IM-Related Skill to Learn Today That Can Help in the Future?

best high quality crypto traffic.