I took over hosting two small sites a month ago. The sites are both PHP and are on my Linux VPS. last month I started a Google PPC campaign for my client. Last week, we received an email from Google that they found malware on both sites.
I don't create or approve of anything like that. Google did not provide any information regarding where the malware is. i have both sites downloaded on my local drive and have run scans on both using multiple spyware/malware utilities and nothing is found.
Can anyone provide assistance on identifying malware on a site?
- The notices from Google might have been phake, used for phishing purposes.
- Links from the site might point to sites containing malware. They might also point to sites that point to sites containing malware.
- Some malware software identifies most cookies as malware.
- It's rare, but I once had a malware detection program identify an image I took with my own camera as containing a virus. It turned out that the bit patterns in part of the image matched the bit patterns in a known virus. Slightly changing the brightness level of the image fixed this.
- Some detectors see certain scripts as malware.
- If the notices are based on user reports, a user might have reported malware he already had, because it started to manifest itself while he was viewing your page.
- Likewise, a user might have reported malware that was caused by another internet node pretending to be your page.
many advertising sites have had malware issues before
If you have embedded advertising scripts those sites that host the script could be the only source.
If the google email were correct, and not a phishing run,
the detail will be available at the google webmaster tools page, instructions on site
Take ownership of the sites at Google, instructions on site
then you can access logs and error reports. instructions on site
When you do take ownership of the sites, remove the prior access key, -you guessed- instructions on site