Malware removal guide results - problem with RootRepeal

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by emagine, Sep 27, 2010.

  1. emagine

    emagine Private E-2

    I have been having problems with my PC and my hosting provider because of attacks on my clients that I host there. My provider redirected me to your forum and asked me to complete this malware removal guide.
    While going through the guide, at the step "Run RootRepeal", my PC restarted without any warning before the scan was completed!
    I do not know if I still have any problems. I am attaching all the log files you need in 2 messages as you asked.
    Windows XP SP2 (os)
    Thank you in advance for your help!!
     


  2. emagine

    emagine Private E-2

    Last log file needed to be attached. It is probably empty because before the scan was completed my computer just reboots!
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs are clean. Are you saying you host a web site and it is being hacked? I am not sure what your issue is exactly.
     
  4. emagine

    emagine Private E-2

    Hello.
    Thank you in advance for your time and effort!
    I host client websites at Hostgator and through the last 4 months they keep having malware attacks through FTP password compromise. The only PC with FTP passwords saved on it is mine! I am going crazy and have minimum help on dealing with it. They have redirected me to your site for help. The only problem that I see is with my mail server.
    I use Outlook and every time I send/receive I get the following message:

    Task 'mail.emagine.gr - Sending' reported error (0x800CCC0F) : 'The connection to the server was interrupted. If this problem continues, contact your server administrator or Internet service provider (ISP). The server responded: 550 Access denied - Invalid HELO name (See RFC2821 4.1.1.1)'

    Thanks again.
     
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Problems like this are really more of a vulnerability issue and not truly malware. How people write their website code, how old/unupdated the software they write it with is, and how secure the servers that host it are, are really the areas to look at. Issues here are commonly referred to as code injection (see: http://en.wikipedia.org/wiki/Code_injection). The things we do in this forum are not going to find problems in your code. None of these malware scanners will, since they are not designed for this purpose.

    You are going to need to have a very good webpage developer check the code for security issues and you need to verify that all software being used has been updated to include all security patches. In addition, you need to make sure that the server hosting the website also has been fully updated.

    If you have been previously hacked, you should attempt to find out how it was hacked last time so you can verify that the security issues have been resolved.
     
