Host has detected Malware! Help!!!

[cmckeef]

My host company contacted me and said that Malware was detected within a file on my site. The directory they said was "infected" is "../photos/docs/etc/royal-dumpe-dinner-threatre/map.html".

I searched through my media manager, scoured all the source code, tried to look up "royal-dumpe-dinner-threatre" (which is exactly that - a threatre), and followed the URL - which I'm pretty sure it is definitely some type of virus.

My site will be shut down if I don't find out how to get this file off my site. I have no idea where the file is; I have never even heard of it!

Please help, I don't know where else to turn.

Thank you.

[SiteScriptors]

You should be able to simply use your FTP client or Cpanel File Manager to delete the offending file. That should satisfy your hosting provider.

Then, and this is extremely important, run--don't walk--to the Joomla! Security Center and start reading! Start with the Joomla! Administrators Security Checklist and continue on from there.

In general, you're going to need to go through your log files and possibly work with your hosting service's tech support to see if you can figure out how the hacker got in. Then, you'll need to delete your entire site and restore it from a backup that you know is clean. By then, you've hopefully buttoned down your site so that it doesn't get hacked in the future.

Sorry to hear you got hacked, and good luck recovering!

[BoardBoss]

My host company contacted me and said that Malware was detected within a file on my site. The directory they said was "infected" is "../photos/docs/etc/royal-dumpe-dinner-threatre/map.html".

I searched through my media manager, scoured all the source code, tried to look up "royal-dumpe-dinner-threatre" (which is exactly that - a threatre), and followed the URL - which I'm pretty sure it is definitely some type of virus.

My site will be shut down if I don't find out how to get this file off my site. I have no idea where the file is; I have never even heard of it!

Please help, I don't know where else to turn.

Thank you.

Hi - I run a hosting company, so let me give you my advice for deleting this file. Ask your hosting company to delete it. Since you can't find the file, maybe they already did.

[Webdongle]

Deleting one file will not secure your site.

Check your PC for viruses etc.

Delete all folders/files and drop all the database tables.

Install a clean back up.

Update your Joomla

Read http://forum.joomla.org/viewtopic.php?f=432&t=475313

[michael11]

Check out the google safebrowser report for your domain, it can give you as for where to find the problem. Search google.

[BoardBoss]

@ SiteScriptors Did you ever get a resolution for this?

[hankin]

Try Sucuri.net I have had a similar problem and I'm in the process of trying to resolve this. Verisign has not detected the malware but sucuri did. Verisign are trying to fix the problem. Any news your end?

[mandville]

Hankin - Please do not post on old/abandoned topics.