Google found malware on my site

[Babadinho]

Google found malware on my site guruslodge.com. I scanned with some online scanner cnt find anything. I need help on how to go abt this problem. Tnx

[kat]

Did they tell you what malware it was?

[Babadinho]

Two trojans and one virus. My links are clean when i scan online. Dnt know what can be causing this.

[kat]

Best to contact Google, I expect.

[Babadinho]

Here is a review

www.google.com/safebrowsing/diagnostic?site=www.guruslodge.com/login

[Babadinho]

google flagged my site on the sixteenth. I want to restor backup of files in my site day back. Dnt know if it wil help

[Ricky.]

IT says:
What is the current listing status for www.guruslodge.com?

    This site is not currently listed as suspicious.

    Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

Restoring backup is fine but rather try to find why it happened, from where that program came ?

[Babadinho]

IT says:
What is the current listing status for www.guruslodge.com?

    This site is not currently listed as suspicious.

    Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

Restoring backup is fine but rather try to find why it happened, from where that program came ?

thats what i dnt even know how to do.

[kat]

I'd file a report with your host. Their logs might have some clues.

[Ricky.]

Take full backup of your site to local computer, remove anything unwanted, clean your hosting account and upload things back.
If you can delete and recreate hosting account then it would be even better as something hacker hides things to most hard to track location. I have been through something similar, I had to clean my site 3 times to finally pin point the real cause (a hidden trojan kind of file)..

[Babadinho]

Take full backup of your site to local computer, remove anything unwanted, clean your hosting account and upload things back.
If you can delete and recreate hosting account then it would be even better as something hacker hides things to most hard to track location. I have been through something similar, I had to clean my site 3 times to finally pin point the real cause (a hidden trojan kind of file)..

i think thats the point. Its a file am having issue with. I dnt know where its located.

[MrPhil]

If Google is now reporting that the site is clean, you or your host must have done something to clean it up. If that has happened, there is nothing to find.

Nevertheless, you can take some precautions to reduce the chances of further reinfection:

• Upgrade website applications to current/latest levels
• Search for and apply patches to any known security problems in your website applications
• Scan all PCs used to access your server or site (for administrative purposes) for spyware, viruses, and other malware, especially keystroke loggers and password sniffers. These could be passing on your passwords to the bad guys as soon as you type them in.
• Once PCs are certified clean, change every password in sight: site hosting access, FTP, application admin(s), etc.
• Check hosting access logs to see if someone unauthorized got in recently, and how they might have gotten in

If you suspect that something already on your site is reinfecting you, you'll have to either wipe your site and reinstall all applications and modifications (reusing the database(s) after inspecting them), or go through all your applications line by line looking for something suspicious (e.g., odd garbage strings being fed to base64_decode()). Needless to say, you should have some familiarity with PHP and with all applications on your site.