我怎样才能修复＃c3284d＃黑客恶意广告在我的网站？ [英] How can I fix the #c3284d# malvertising hack on my website?

问题描述

有关在半定期在过去的几个星期，本网站已在＃ c3284d＃恶意软件code插入到它的一些PHP文件。此外.htaccess文件有其equivelant code插入。我曾经在很多场合删除的恶意code，替换的文件，改变了FTP密码在我的FTP客户端（这是CoreFTP），改变了连接方法FTPS的密码（而不是纯文本）的更安全的存储

我也扫描使用的AVG和Windows Defender已发现我的电脑可能已经被存储我的FTP密码上没有恶意软件在我的电脑几次。

我用 Sucuri SiteCheck 来检查我的网站，该网站说我的网站是清除恶意软件这是奇怪的，因为我只是尝试点击网站上的链接之一，一分钟前，它连接我到另外一个这些随机stats.php网站，尽管它似乎我已清除＃c3284d的＃$ C $再次C（这无疑将在一个小时左右重新插入不知）。

有没有人发现这个恶意软件的一个实际可行的解决办法破解？

我已经做了几乎所有的东西建议<一href="http://www.gadgehit.com/2012/07/23/how-to-fix-c3284d-stats-php-malware-issues/?utm_source=rss&utm_medium=rss&utm_campaign=how-to-fix-c3284d-stats-php-malware-issues"相对=nofollow>这里和这里和问题仍然存在。

目前，当我点击在谷歌浏览器的网站导航菜单中的链接，我得到谷歌的恶意软件警告页面：

  

警告：不对了这里！ oxsanasiberians.com包含   恶意软件。如果你访问这个网站，您的计算机可能会中毒。   谷歌已经发现，恶意软件可能会被安装到您的   电脑，如果你继续。如果你访问此网站在过去或   你信任这个网站，这是可能的，它最近刚刚被   由黑客破坏。你不应该继续。为什么不再试一次   明天还是去别的地方？我们已经通知   oxsanasiberians.com我们发现恶意软件的网站上。欲了解更多有关   在oxsanasiberians.com发现的问题，请访问谷歌安全   浏览诊断页。

解决方案

我haved确切同样的问题。

我想该网站是通过小部件感染了，因为我用一个插件至极允许执行PHP code。

我最好的解决办法是：

  -eliminate可疑插件;
 - 请参阅时间和一个被感染的文件（我的情况：header.php文件）的日期;
 - 清除所有被感染文件（在我的情况我有一个网站的备份）;
 - 搜索到当时的可疑IP地址的日志文件（搜索瑶池IP地址的黑名单）;
-install 1插件禁止可疑的IP地址。
 

从那个时候起这个问题就消失了。

For the past couple of weeks at semi regular intervals, this website has had the #c3284d# malware code inserted into some of its .php files. Also the .htaccess file had its equivelant code inserted. I have, on many occasions removed the malicious code, replaced files, changed the ftp password on my ftp client (which is CoreFTP), changed the connection method to FTPS for more secure storage of the password (instead of plain text).

I have also scanned my computer several times using AVG and Windows Defender which have found no malware on my computer which might have been storing my ftp passwords.

I used Sucuri SiteCheck to check my website which says my website is clean of malware which is bizarre because I just attempted to click one of the links on the site a minute ago and it linked me to another one of these random stats.php sites, even though it appears I have gotten rid of the #c3284d# code again (which will no doubt be re-inserted somehow in an hour or so)..

Has anyone found an actual viable solution for this malware hack?

I have done just about all of the things suggested here and here and the problem still persists.

Currently when I click on a link within the sites navigation menu within Google Chrome I get googles Malware warning page:

Warning: Something's Not Right Here! oxsanasiberians.com contains malware. Your computer might catch a virus if you visit this site. Google has found that malicious software may be installed onto your computer if you proceed. If you've visited this site in the past or you trust this site, it's possible that it has just recently been compromised by a hacker. You should not proceed. Why not try again tomorrow or go somewhere else? We have already notified oxsanasiberians.com that we found malware on the site. For more about the problems found on oxsanasiberians.com, visit the Google Safe Browsing diagnostic page.

解决方案

I haved exact the same problem.

I guess the site was infected through the widgets, because I use one plugin wich allows PHP code to be executed.

My best solution was:

-eliminate the suspicious widget;
-see the time and date of one infected file(my case: header.php); 
-clear all infected files(in my case I have a backup of the site); 
-search into log file for suspicious IPs at that time (search finded IPs on blacklists); 
-install one plugin to ban suspicious IPs.

From that moment the problem was gone.

这篇关于我怎样才能修复＃c3284d＃黑客恶意广告在我的网站？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！