How to fix: Warning: Visiting this site may harm your computer - domainameat.cc

By: William Alexander Emailed: 1698 times Printed: 2200 times    

Latest comments
By: rohit kumar - how this program is work
By: Kirti - Hi..thx for the hadoop in
By: Spijker - I have altered the code a
By: ali mohammed - why we use the java in ne
By: ali mohammed - why we use the java in ne
By: mizhelle - when I exported the data
By: raul - no output as well, i'm ge
By: Rajesh - thanx very much...
By: Suindu De - Suppose we are executing

If google redirects all your visitors to this warning below: Warning: Visiting this site may harm your computer!
The website at www.yoursite.com contains elements from the site domainameat.cc, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.

Then, probably your site has been infected with malware. Ok first things first, be cool and dont panic. This could be resolved. If you open your FTP and closely check your PHP files, you will see some lines of code on top of the page that starts with eval(base64_decode(.............................

index.php could be the file affected or it could have affected almost all of your php files.

You will have to remove these lines of code from your files. If you have to do manually, it will be a nightmare.

So just follow these steps to do it automatically.

1. Copy the below code and save it into a file. And name it as 'fix.php'.

<?php
set_time_limit(0);

$dir = "./";

$rmcode = `find $dir -name "*.php" -type f |xargs sed -i 's#<?php /\*\*/ eval(base64_decode("aWY.*?>##g' 2>&1`;
echo "Malware removed.<br />\n";
$emptyline = `find $dir -name "*.php" -type f | xargs sed -i '/./,$!d' 2>&1`;
echo "Empty lines removed.<br />\n";
?>
<br />
Completed.

2. Now upload this file to your website. (save it in the folder where your index.php file resides). 3. Open your browser and call this file (eg. http://www.yoursite.com/fix.php)

Be patient, depending on your site, it may take very long. That is why the time out limit is set to unlimited in the above code. Be sure, all the affected files will be restored back to normal.

What the above code does is, to search for all the php files that containst the infected code and deletes those lines. Then the emptyline code removes the empty lines from the file as well.

Cheers. Your site is now restored to normal.

PHP Home | All PHP Tutorials | Latest PHP Tutorials

Sponsored Links

If this tutorial doesn't answer your question, or you have a specific question, just ask an expert here. Post your question to get a direct answer.



Bookmark and Share

Comments(7)


1. View Comment

I did this exactly.
In my case, the fix.php file took very long time and finally looked like it hangs.
But I am now able to access my site and I can see the fix.php has infact deleted the infected lines from the php files.
So I ran the fix.php file more than once to make sure all the files were cleaned in my site, as my site is huge.


View Tutorial          By: Manorasa at 2010-06-29 23:32:24
2. View Comment

Hi,

Can we use this fix.php on the Joomla CMS attacked websites?

Thanks!


View Tutorial          By: Chriz at 2010-07-05 09:22:57
3. View Comment

Hi Chriz,
Yes it should work on any site. Because all it does is to look for that string of affected code and remove them from all the files in that directory including subdirectories. So it will work on any site.

However, I would advise you to take a backup of the site before running this.


View Tutorial          By: William at 2010-07-10 20:54:24
4. View Comment

Good,

Thank you man.


View Tutorial          By: Goldo at 2010-07-12 14:56:14
5. View Comment

hi i have used this code in my site. and it says
Malware removed.
Empty lines removed.

Completed.
but i am still getting the same error..??
what should i do now?


View Tutorial          By: Jawad at 2011-01-16 06:31:00
6. View Comment

Hi, thank you so much for this. I am going to give it a try now.

On another note, do you know why this site hack happened in the first place and what we can do to prevent it in the future (or decrease chances of it happening)? Thanks!


View Tutorial          By: Eddie at 2011-02-21 14:10:04
7. View Comment

Hi, I used your fix and it looks like it worked fine for Chrome and Safari browsers but the automated cleaning looks like it broke the frames for Firefox. The site looks completely wrong now on Firefox. Do you know what this might be about? Thanks!

View Tutorial          By: Eddie at 2011-02-21 18:41:06

Your name (required):


Your email(required, will not be shown to the public):


Your sites URL (optional):


Your comments:



More Tutorials by William Alexander
Big Data - An Introduction
Browser Based Communications - WebRTC
Internet of Things
Migration from IPV4 to IPV6
What is IAAS?
How to fix: Warning: Visiting this site may harm your computer - domainameat.cc
Google Wave - Get Ready for the next big wave from Google
What is Google Apps?
What is cloud computing?
What is SaaS?

More Tutorials in PHP
PHP code to import from CSV file to MySQL
PHP code to write to a CSV file from MySQL query
PHP code to write to a CSV file for Microsoft Applications
Convert XML to CSV in PHP
Password must include both numeric and alphabetic characters - Magento
PHP file upload (Large Files)
PHP file upload prompts authentication for anonymous users
PHP file upload with IIS on windows XP/2000 etc
Error: Length parameter must be greater than 0
Multiple File Upload in PHP using IFRAME
Resume or Pause File Uploads in PHP
Exception in module wampmanager.exe at 000F15A0 in Windows 8
Handling file locks in PHP
HTML table output using Nested for loops in PHP
Count occurrences of a character in a String in PHP

More Latest News
Most Viewed Articles (in PHP )
isset() function in PHP
Using Text file as database in PHP
Convert IP address to integer and back to IP address in PHP
Traversing Arrays Using foreach in PHP
public, protected, and private Properties in PHP
parent:: AND self:: in PHP
Using Cookies in PHP
preg_replace() and preg_replace_callback() in PHP
preg_split() and explode() in PHP
GDBM, NDBM, DB2, DB3, DBM, and CDB Databases in PHP
Parent: child process exited with status 3221225477 -- Restarting
A Basic Example using PHP in AWS (Amazon Web Services)
Function to return number of digits of an integer in PHP
Retrieve multiple rows from mysql and automatically create a table in PHP
Get the first and last day of the month in PHP
Most Emailed Articles (in PHP)
Traversing Arrays Using foreach in PHP
preg_split() and explode() in PHP
GDBM, NDBM, DB2, DB3, DBM, and CDB Databases in PHP
Sorting an Array in PHP
fixEncoding in PHP
Assignment operators in PHP
switch Statements in PHP
preg_match(), function preg_match_all(), preg_grep() in PHP
Reading .CSV file in PHP
Encrypting files using GnuPG (GPG) via PHP
Where does the PHP run?
Setting up PHP in Windows 2003 Server IIS7, and WinXP 64
Perl's Encoding::FixLatin equivalent in PHP
break out of an if() block in PHP
PHP file upload with IIS on windows XP/2000 etc