hosted by liquidweb


Go Back   Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Malware: PUA.HTML.Infected.WebPage-2
Reply

Forum Jump

Malware: PUA.HTML.Infected.WebPage-2

Reply Post New Thread In Hosting Security and Technology Subscription
 
Send news tip View All Posts Thread Tools Search this Thread Display Modes
  #1  
Old
Newbie
 
Join Date: Dec 2010
Location: Online
Posts: 13

Malware: PUA.HTML.Infected.WebPage-2


Hello Everyone.

I have a small issue with one of our sites. I recently did a VirusTotal.com scan and discovered one infection/malware "PUA.HTML.Infected.WebPage-2". I tried searching the forums and Googled the term, but hardly could find any information to remove the infection. We installed "ClamAV" and "Malware detect" but there was no indication of any malware on the hosting.

Can someone please help?

__________________
Awesome Logo & Web Design Service. Really! - Web Design Portfolio / Logo Design Portfolio



Sponsored Links
  #2  
Old
Web Hosting Master
 
Join Date: Jun 2007
Location: Australia
Posts: 819
I'm assuming you uploaded a PHP or HTML file to VirusTotal. Hackers will sometimes inject malicious code into PHP or HTML files.

__________________



  #3  
Old
Web Hosting Guru
 
Join Date: Aug 2011
Location: India
Posts: 283
Hello
The chance for a malware or virus attack on a Linux server is very low. Normally files uploaded through an infected machine will be the culprit . In such cases , you need to change your Cpanel and mysql password first and then perform a detailed scan on your machine with updated anti-virus. Once the machine is confirmed to be secure, download the webcontents and then remove the malware entries and upload it back. Stop the habit of storing site login credentials on applications like ftp client or web browser. Some viruses are capable of capturing them and upload malicious contents to the server. Also ensure that the installed applications are safe and secure.

__________________
Fred Bruner
Business Analyst
SupportSages.com- Bytes of Wisdom @ Work - Where guarantees and promises are made to keep!
24/7 Support with 15 mins response time & no charge guarantees


Sponsored Links
  #4  
Old
Web Hosting Master
 
Join Date: Jun 2007
Location: Australia
Posts: 819
Quote:
Originally Posted by ssfred View Post
Hello
The chance for a malware or virus attack on a Linux server is very low. Normally files uploaded through an infected machine will be the culprit . In such cases , you need to change your Cpanel and mysql password first and then perform a detailed scan on your machine with updated anti-virus. Once the machine is confirmed to be secure, download the webcontents and then remove the malware entries and upload it back. Stop the habit of storing site login credentials on applications like ftp client or web browser. Some viruses are capable of capturing them and upload malicious contents to the server. Also ensure that the installed applications are safe and secure.
Not only just re-upload the affected contents, but I'd advise to ensure that scripts are up to date. The common way that a hacker gains access are outdated scripts.

__________________



  #5  
Old
Newbie
 
Join Date: Dec 2010
Location: Online
Posts: 13
Thank you for all responses. Some of your inputs were really good, that I think many of us take for granted.

After hours of scanning and reading online I couldn't find anything that suggested what "PUA.HTML.Infected.WebPage-2" actually is.. until just a while back I noticed the Google Analytics code on our website was appended after the body tag.. I relocated the code and ran the scan again.. that was it!
Even a genuine JS code added outside of the designated areas is flagged as "potential" malware by ClamAV.

__________________
Awesome Logo & Web Design Service. Really! - Web Design Portfolio / Logo Design Portfolio

Reply

Similar Threads
Thread Thread Starter Forum Replies Last Post
webpage help? HTML nadsy Web Design and Content 1 01-18-2009 03:12 AM
Apache has a way to insert some html code below <body> to every webpage ? natong Hosting Security and Technology 5 05-12-2008 06:13 AM
How to integrate horde login on a html webpage askthexperts Programming Discussion 5 08-19-2006 11:01 AM
PHP webpage won't load up while html page loadup fine.. jayzee Hosting Security and Technology 3 10-03-2005 11:24 AM
[script needed] Read HTML Webpage and trigger on value DCM Other Offers & Requests 2 12-14-2003 02:07 PM

Related posts from TheWhir.com
Title Type Date Posted
Google Blacklists 11,000 Websites Infected with SoakSoak Malware Web Hosting News 2014-12-16 11:08:55
NSA Denies Allegations that it Infected Millions of PCs with Malware Web Hosting News 2014-03-14 11:45:53
Bitcoin-Mining Malware Hits APAC Region Hardest Web Hosting News 2013-12-30 16:52:59
Malwarebytes Launches Data Scan-and-Backup Service Web Hosting News 2013-05-07 14:51:03
Polish Domain Registry NASK Seizes Domains Used in Pervasive Virut Botnet Web Hosting News 2013-01-21 16:56:31


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Login:
Log in with your username and password
Username:
Password:



Forgot Password?
WHT Host Brief Email:

We respect your privacy. We will never sell, rent, or give away your address to any outside party, ever.

Advertisement:
Web Hosting News:
WHT Membership
WHT Membership



 

X

Welcome to WebHostingTalk.com

Create your username to jump into the discussion!

WebHostingTalk.com is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.


(4 digit year)

Already a member?