How to fix: Warning: Visiting this site may harm your computer - domainameat.cc

By: William Alexander Emailed: 1728 times Printed: 2329 times    

Latest comments
By: rohit kumar - how this program is work
By: Kirti - Hi..thx for the hadoop in
By: Spijker - I have altered the code a
By: ali mohammed - why we use the java in ne
By: ali mohammed - why we use the java in ne
By: mizhelle - when I exported the data
By: raul - no output as well, i'm ge
By: Rajesh - thanx very much...
By: Suindu De - Suppose we are executing

If google redirects all your visitors to this warning below: Warning: Visiting this site may harm your computer!
The website at www.yoursite.com contains elements from the site domainameat.cc, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.

Then, probably your site has been infected with malware. Ok first things first, be cool and dont panic. This could be resolved. If you open your FTP and closely check your PHP files, you will see some lines of code on top of the page that starts with eval(base64_decode(.............................

index.php could be the file affected or it could have affected almost all of your php files.

You will have to remove these lines of code from your files. If you have to do manually, it will be a nightmare.

So just follow these steps to do it automatically.

1. Copy the below code and save it into a file. And name it as 'fix.php'.

<?php
set_time_limit(0);

$dir = "./";

$rmcode = `find $dir -name "*.php" -type f |xargs sed -i 's#<?php /\*\*/ eval(base64_decode("aWY.*?>##g' 2>&1`;
echo "Malware removed.<br />\n";
$emptyline = `find $dir -name "*.php" -type f | xargs sed -i '/./,$!d' 2>&1`;
echo "Empty lines removed.<br />\n";
?>
<br />
Completed.

2. Now upload this file to your website. (save it in the folder where your index.php file resides). 3. Open your browser and call this file (eg. http://www.yoursite.com/fix.php)

Be patient, depending on your site, it may take very long. That is why the time out limit is set to unlimited in the above code. Be sure, all the affected files will be restored back to normal.

What the above code does is, to search for all the php files that containst the infected code and deletes those lines. Then the emptyline code removes the empty lines from the file as well.

Cheers. Your site is now restored to normal.

PHP Home | All PHP Tutorials | Latest PHP Tutorials

Sponsored Links

If this tutorial doesn't answer your question, or you have a specific question, just ask an expert here. Post your question to get a direct answer.



Bookmark and Share

Comments(7)


1. View Comment

I did this exactly.
In my case, the fix.php file took very long time and finally looked like it hangs.
But I am now able to access my site and I can see the fix.php has infact deleted the infected lines from the php files.
So I ran the fix.php file more than once to make sure all the files were cleaned in my site, as my site is huge.


View Tutorial          By: Manorasa at 2010-06-29 23:32:24
2. View Comment

Hi,

Can we use this fix.php on the Joomla CMS attacked websites?

Thanks!


View Tutorial          By: Chriz at 2010-07-05 09:22:57
3. View Comment

Hi Chriz,
Yes it should work on any site. Because all it does is to look for that string of affected code and remove them from all the files in that directory including subdirectories. So it will work on any site.

However, I would advise you to take a backup of the site before running this.


View Tutorial          By: William at 2010-07-10 20:54:24
4. View Comment

Good,

Thank you man.


View Tutorial          By: Goldo at 2010-07-12 14:56:14
5. View Comment

hi i have used this code in my site. and it says
Malware removed.
Empty lines removed.

Completed.
but i am still getting the same error..??
what should i do now?


View Tutorial          By: Jawad at 2011-01-16 06:31:00
6. View Comment

Hi, thank you so much for this. I am going to give it a try now.

On another note, do you know why this site hack happened in the first place and what we can do to prevent it in the future (or decrease chances of it happening)? Thanks!


View Tutorial          By: Eddie at 2011-02-21 14:10:04
7. View Comment

Hi, I used your fix and it looks like it worked fine for Chrome and Safari browsers but the automated cleaning looks like it broke the frames for Firefox. The site looks completely wrong now on Firefox. Do you know what this might be about? Thanks!

View Tutorial          By: Eddie at 2011-02-21 18:41:06

Your name (required):


Your email(required, will not be shown to the public):


Your sites URL (optional):


Your comments:



More Tutorials by William Alexander
Big Data - An Introduction
Browser Based Communications - WebRTC
Internet of Things
Migration from IPV4 to IPV6
What is IAAS?
How to fix: Warning: Visiting this site may harm your computer - domainameat.cc
Google Wave - Get Ready for the next big wave from Google
What is Google Apps?
What is cloud computing?
What is SaaS?

More Tutorials in PHP
PHP code to import from CSV file to MySQL
PHP code to write to a CSV file from MySQL query
PHP code to write to a CSV file for Microsoft Applications
Convert XML to CSV in PHP
Password must include both numeric and alphabetic characters - Magento
PHP file upload (Large Files)
PHP file upload prompts authentication for anonymous users
PHP file upload with IIS on windows XP/2000 etc
Error: Length parameter must be greater than 0
Multiple File Upload in PHP using IFRAME
Resume or Pause File Uploads in PHP
Exception in module wampmanager.exe at 000F15A0 in Windows 8
Handling file locks in PHP
HTML table output using Nested for loops in PHP
Count occurrences of a character in a String in PHP

More Latest News
Most Viewed Articles (in PHP )
isset() function in PHP
Parent: child process exited with status 3221225477 -- Restarting
Different versions of PHP - History and evolution of PHP
A Basic Example using PHP in AWS (Amazon Web Services)
public, protected, and private Properties in PHP
Using Cookies in PHP
Handling BLOB in PHP and MySQL
Renaming and Removing Files in PHP
preg_replace() and preg_replace_callback() in PHP
Reading word by word from a file in PHP
Installing PHP 5.x with Apache 2.x on HP UX 11i and configuring PHP 5.x with Oracle 9i
Function to return number of digits of an integer in PHP
History and origin of PHP
.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
Using list() in PHP
Most Emailed Articles (in PHP)
.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
Different versions of PHP - History and evolution of PHP
The new keyword and constructors in PHP
public, protected, and private Methods in PHP
preg_replace() and preg_replace_callback() in PHP
Iterating Through an Array in PHP
Appending One Array to Another in PHP
Decrypting files using GnuPG (GPG) via PHP
Setting up PHP in Windows 2003 Server IIS7, and WinXP 64
Running different websites on different versions of PHP in Windows 2003 & IIS6 platform
Warning: session_start(): open .... failed - PHP error
Malware: global $ob_starting;
Function to convert strings to strict booleans in PHP
Function to sort array by elements and count of element in PHP
Error: Length parameter must be greater than 0