cancel
Showing results for 
Search instead for 
Did you mean: 

AVG Warning

egrog52
Grafter
Posts: 80
Registered: ‎22-06-2007

AVG Warning

I just attempted to go to my website and my anti-virus said it has a Blackhole Exploit Kit (Type 2371) and am completely at a loss as to how to fix it. 
The website is gchristison.plus.com
8 REPLIES 8
Gabe
Community Veteran
Posts: 767
Registered: ‎29-10-2008

Re: AVG Warning

First steps, upload temporary index.html to stop others getting infected. Change ftp password. Scan own PC for infection. There's a lot of it about.
Gabe
Oldjim
Community Veteran
Posts: 38,460
Thanks: 1,035
Fixes: 62
Registered: ‎15-06-2007

Re: AVG Warning

Kaspersky isn't happy either
thejudge
Grafter
Posts: 611
Thanks: 6
Registered: ‎01-08-2007

Re: AVG Warning

Nor Avast!
egrog52
Grafter
Posts: 80
Registered: ‎22-06-2007

Re: AVG Warning

All very strange as I have not done anything to it for several years.
spraxyt
Superuser
Superuser
Posts: 10,063
Thanks: 1,369
Fixes: 75
Registered: ‎06-04-2007

Re: AVG Warning

It's not what you've done to it, unfortunately your website has been hacked, and the hacker will have changed your files. The hacker may have gained access to the site by infecting your own computer perhaps with a key-stroke logger and stealing your password, or by cracking it.
This is why the first step is to make sure your own computer is not infected by malware, then change your account password - I think that also changes your Homepages website password. Make sure the new password is a strong one, at least 8 characters, not a dictionary word and include mixed case letters, digits and special characters.
Note that next time you connect your broadband you will have to use the new password; if you are using a Plusnet easy start router that should change automatically. You also need to use the new password to collect email from your default mailbox.
Hopefully you have a back-up copy of all files on the website so you can delete current ones (which are potentially infected) and replace them all with clean ones.
David
egrog52
Grafter
Posts: 80
Registered: ‎22-06-2007

Re: AVG Warning

Ok have just removed everything from htdocs but left with a folder (logs) is that normal.
spraxyt
Superuser
Superuser
Posts: 10,063
Thanks: 1,369
Fixes: 75
Registered: ‎06-04-2007

Re: AVG Warning

Yes this is normal. The logs folder is owned by and written to by the webstats processes that run in the early hours each morning to store access logs relating to your websites. You (or a hacker) shouldn't be able to write to that folder.
David
egrog52
Grafter
Posts: 80
Registered: ‎22-06-2007

Re: AVG Warning

Having changed my password I set about attempting to upload the website with the new settings, to no avail. It would appear that changing the main password has not changed the website password because the old password works fine and the new one doesn't.