How to fix: Warning: Visiting this site may harm your computer - domainameat.cc

By: William Alexander Emailed: 1646 times Printed: 2119 times    

Latest comments
By: rohit kumar - how this program is work
By: Kirti - Hi..thx for the hadoop in
By: Spijker - I have altered the code a
By: ali mohammed - why we use the java in ne
By: ali mohammed - why we use the java in ne
By: mizhelle - when I exported the data
By: raul - no output as well, i'm ge
By: Rajesh - thanx very much...
By: Suindu De - Suppose we are executing

If google redirects all your visitors to this warning below: Warning: Visiting this site may harm your computer!
The website at www.yoursite.com contains elements from the site domainameat.cc, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.

Then, probably your site has been infected with malware. Ok first things first, be cool and dont panic. This could be resolved. If you open your FTP and closely check your PHP files, you will see some lines of code on top of the page that starts with eval(base64_decode(.............................

index.php could be the file affected or it could have affected almost all of your php files.

You will have to remove these lines of code from your files. If you have to do manually, it will be a nightmare.

So just follow these steps to do it automatically.

1. Copy the below code and save it into a file. And name it as 'fix.php'.

<?php
set_time_limit(0);

$dir = "./";

$rmcode = `find $dir -name "*.php" -type f |xargs sed -i 's#<?php /\*\*/ eval(base64_decode("aWY.*?>##g' 2>&1`;
echo "Malware removed.<br />\n";
$emptyline = `find $dir -name "*.php" -type f | xargs sed -i '/./,$!d' 2>&1`;
echo "Empty lines removed.<br />\n";
?>
<br />
Completed.

2. Now upload this file to your website. (save it in the folder where your index.php file resides). 3. Open your browser and call this file (eg. http://www.yoursite.com/fix.php)

Be patient, depending on your site, it may take very long. That is why the time out limit is set to unlimited in the above code. Be sure, all the affected files will be restored back to normal.

What the above code does is, to search for all the php files that containst the infected code and deletes those lines. Then the emptyline code removes the empty lines from the file as well.

Cheers. Your site is now restored to normal.

PHP Home | All PHP Tutorials | Latest PHP Tutorials

Sponsored Links

If this tutorial doesn't answer your question, or you have a specific question, just ask an expert here. Post your question to get a direct answer.



Bookmark and Share

Comments(7)


1. View Comment

I did this exactly.
In my case, the fix.php file took very long time and finally looked like it hangs.
But I am now able to access my site and I can see the fix.php has infact deleted the infected lines from the php files.
So I ran the fix.php file more than once to make sure all the files were cleaned in my site, as my site is huge.


View Tutorial          By: Manorasa at 2010-06-29 23:32:24
2. View Comment

Hi,

Can we use this fix.php on the Joomla CMS attacked websites?

Thanks!


View Tutorial          By: Chriz at 2010-07-05 09:22:57
3. View Comment

Hi Chriz,
Yes it should work on any site. Because all it does is to look for that string of affected code and remove them from all the files in that directory including subdirectories. So it will work on any site.

However, I would advise you to take a backup of the site before running this.


View Tutorial          By: William at 2010-07-10 20:54:24
4. View Comment

Good,

Thank you man.


View Tutorial          By: Goldo at 2010-07-12 14:56:14
5. View Comment

hi i have used this code in my site. and it says
Malware removed.
Empty lines removed.

Completed.
but i am still getting the same error..??
what should i do now?


View Tutorial          By: Jawad at 2011-01-16 06:31:00
6. View Comment

Hi, thank you so much for this. I am going to give it a try now.

On another note, do you know why this site hack happened in the first place and what we can do to prevent it in the future (or decrease chances of it happening)? Thanks!


View Tutorial          By: Eddie at 2011-02-21 14:10:04
7. View Comment

Hi, I used your fix and it looks like it worked fine for Chrome and Safari browsers but the automated cleaning looks like it broke the frames for Firefox. The site looks completely wrong now on Firefox. Do you know what this might be about? Thanks!

View Tutorial          By: Eddie at 2011-02-21 18:41:06

Your name (required):


Your email(required, will not be shown to the public):


Your sites URL (optional):


Your comments:



More Tutorials by William Alexander
Big Data - An Introduction
Browser Based Communications - WebRTC
Internet of Things
Migration from IPV4 to IPV6
What is IAAS?
How to fix: Warning: Visiting this site may harm your computer - domainameat.cc
Google Wave - Get Ready for the next big wave from Google
What is Google Apps?
What is cloud computing?
What is SaaS?

More Tutorials in PHP
PHP code to import from CSV file to MySQL
PHP code to write to a CSV file from MySQL query
PHP code to write to a CSV file for Microsoft Applications
Convert XML to CSV in PHP
Password must include both numeric and alphabetic characters - Magento
PHP file upload (Large Files)
PHP file upload prompts authentication for anonymous users
PHP file upload with IIS on windows XP/2000 etc
Error: Length parameter must be greater than 0
Multiple File Upload in PHP using IFRAME
Resume or Pause File Uploads in PHP
Exception in module wampmanager.exe at 000F15A0 in Windows 8
Handling file locks in PHP
HTML table output using Nested for loops in PHP
Count occurrences of a character in a String in PHP

More Latest News
Most Viewed Articles (in PHP )
Exception in module wampmanager.exe at 000F15A0 in Windows 8
isset() function in PHP
.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
Handling BLOB in PHP and MySQL
Reading Cookie Values in PHP
Parent: child process exited with status 3221225477 -- Restarting
Cannot load /usr/local/apache/libexec/libphp4.so into server: ld.so.1:......
Get the next working day in PHP
Return multiple values from a function in PHP
History and origin of PHP
superglobals in PHP
Assignment operators in PHP
public, protected, and private Properties in PHP
Reading contents of a File into a String in PHP
Reading word by word from a file in PHP
Most Emailed Articles (in PHP)
PHP code to write to a CSV file for Microsoft Applications
PHP code to write to a CSV file from MySQL query
PHP code to import from CSV file to MySQL
Convert XML to CSV in PHP
Using PEAR::Crypt_HMAC in PHP
Password must include both numeric and alphabetic characters - Magento
GDBM, NDBM, DB2, DB3, DBM, and CDB Databases in PHP
Resume or Pause File Uploads in PHP
Comparison operators in PHP
Extract files from a .zip file using PHP
Appending One Array to Another in PHP
Exception in module wampmanager.exe at 000F15A0 in Windows 8
isset() function in PHP
do...while Loops in PHP
Counting Lines, Paragraphs, or Records in a File using pc_split_paragraphs() in PHP