Malware-Content/EN/Solution Tips
If your domain was found in malware lists:
Take down the website!
If your website is accessed by a user, there is a risk that the user's computer will be infected with malicious software. Taking down the website will also prevent Google from removing your website from its index, which would delete a positive ranking. You also avoid being blocked by your hosting provider.
- Find out how and when it was possible for third parties to access your domain.
Check your logfiles for unauthorized access from unknown Quell-IP-Adressen. As a starting point for your investigation, the time stamp of the manipulated or uploaded file can give you a hint when the attack happened and by which gateway the attackers gained access.
- Change your login data!
- Web frontend (hosting contract, Content Management Systems)
- FTP or SSH access
- Database
- Restore a malware-free backup!
To do this, delete all the files on your webspace. In this way, you will make sure that you do not overlook malicious files from the compromised system which were used as a backdoor by the attackers. Before restoring from the backup, make sure that the intended backup is not yet infected by the malicious code that we detected, and if necessary, use an even older backup. If the backup is malware-free, restore it and then install any updates for your system. Only after this is done, put the website back online.
- If you do not have a backup of your website, consider a completely new installation. Manual cleanups usually take up a lot of time and should only be carried out by qualified experts.
- Check your local computer for malicious software! The website botfrei.de offers helpful information and software. With the EU-Cleaner, you can remove various malicious programs from your computer. (https://www.botfrei.de/de/eucleaner/index.html)
