How to fix: Warning: Visiting this site may harm your computer - domainameat.cc
By: William Alexander
If google redirects all your visitors to this warning below:
Warning: Visiting this site may harm your computer!
The website at www.yoursite.com contains elements from the site domainameat.cc, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.
Then, probably your site has been infected with malware. Ok first things first, be cool and dont panic. This could be resolved. If you open your FTP and closely check your PHP files, you will see some lines of code on top of the page that starts with eval(base64_decode(.............................
index.php could be the file affected or it could have affected almost all of your php files.
You will have to remove these lines of code from your files. If you have to do manually, it will be a nightmare.
So just follow these steps to do it automatically.
1. Copy the below code and save it into a file. And name it as 'fix.php'.
<?php
set_time_limit(0);
$dir = "./";
$rmcode = `find $dir -name "*.php" -type f |xargs sed -i 's#<?php /\*\*/ eval(base64_decode("aWY.*?>##g' 2>&1`;
echo "Malware removed.<br />\n";
$emptyline = `find $dir -name "*.php" -type f | xargs sed -i '/./,$!d' 2>&1`;
echo "Empty lines removed.<br />\n";
?>
<br />
Completed.
2. Now upload this file to your website. (save it in the folder where your index.php file resides). 3. Open your browser and call this file (eg. http://www.yoursite.com/fix.php)
Be patient, depending on your site, it may take very long. That is why the time out limit is set to unlimited in the above code. Be sure, all the affected files will be restored back to normal.
What the above code does is, to search for all the php files that containst the infected code and deletes those lines. Then the emptyline code removes the empty lines from the file as well.
Cheers. Your site is now restored to normal.
Archived Comments
1. Thanks! It worked for me. Only the index.php file was affected so I just did it manually.
View Tutorial By: Me at 2012-07-28 16:03:52
2. Thanks!
View Tutorial By: sad at 2012-03-30 08:30:14
3. Hi, I used your fix and it looks like it worked fine for Chrome and Safari browsers but the automate
View Tutorial By: Eddie at 2011-02-21 18:41:06
4. Hi, thank you so much for this. I am going to give it a try now.
On another note, do
View Tutorial By: Eddie at 2011-02-21 14:10:04
5. hi i have used this code in my site. and it says
Malware removed.
Empty lines removed
View Tutorial By: Jawad at 2011-01-16 06:31:00
6. Good,
Thank you man.
View Tutorial By: Goldo at 2010-07-12 14:56:14
7. Hi Chriz,
Yes it should work on any site. Because all it does is to look for that string of a
View Tutorial By: William at 2010-07-10 20:54:24
8. Hi,
Can we use this fix.php on the Joomla CMS attacked websites?
Thank
View Tutorial By: Chriz at 2010-07-05 09:22:57
9. I did this exactly.
In my case, the fix.php file took very long time and finally looked like
View Tutorial By: Manorasa at 2010-06-29 23:32:24
Comment on this tutorial
- Data Science
- Android
- AJAX
- ASP.net
- C
- C++
- C#
- Cocoa
- Cloud Computing
- HTML5
- Java
- Javascript
- JSF
- JSP
- J2ME
- Java Beans
- EJB
- JDBC
- Linux
- Mac OS X
- iPhone
- MySQL
- Office 365
- Perl
- PHP
- Python
- Ruby
- VB.net
- Hibernate
- Struts
- SAP
- Trends
- Tech Reviews
- WebServices
- XML
- Certification
- Interview
categories
Related Tutorials
PHP code to write to a CSV file for Microsoft Applications
PHP code to write to a CSV file from MySQL query
PHP code to import from CSV file to MySQL
Password must include both numeric and alphabetic characters - Magento
Error: Length parameter must be greater than 0
PHP file upload prompts authentication for anonymous users
PHP file upload with IIS on windows XP/2000 etc
Multiple File Upload in PHP using IFRAME
Resume or Pause File Uploads in PHP
Exception in module wampmanager.exe at 000F15A0 in Windows 8