Malware is short for malicious software. It's a catch-all term that describes harmful applications or other malicious code such as adware, spyware, trojan horses, worms or viruses.
Malware comes in many forms, from an unwanted ad reappearing on your site to an executable file that infects visitors who click on it. Telltale signs that your site is infected can include unexplained ads, links or pop-ups, but some malware can have no noticeable effects at all.
Your best defenses against malware are staying current with third-party application patches and using strong server passwords. When checking for the presence of malware, be sure to check the code residing on your server and not your backup files. Always use a virtual machine for verification to avoid infecting your own computer.
We cannot assist you with removing malware from your server. Consider taking your site down immediately to prevent infecting visitors, and take action quickly to identify/remove it.
If you think you're having an issue with malware, change passwords that would be affected such as FTP or database passwords. Then use these guidelines to identify the problem.
NOTE: Always use a virtual machine to test for malware to prevent infecting your own computer. To get accurate results, test your currently-live code from your hosting server and not your backup files.
Check Google SafeBrowsing diagnostics. Visit http://www.google.com/safebrowsing/diagnostic?site=www.example.com and replace www.example.com with your site.
Test all downloadable software posted on your site. Software downloads can pass on malware. Even if you developed the software, it might have been altered by a hacker.
Test all links from your site. Make sure they do not go to sites containing malware.
Check the ads on your site. Malware can be distributed through ads on your site. Identify these with a link-checker software and research your ad partners on the Internet to see if others have had similar problems.
Check all user-posting areas of your site. Scan all links with a link-checker.
Be alert to hacking attacks. Injection (inserting code or executables onto your Web pages) is a common method of hacking that exploits a security vulnerability to introduce harmful code, so look for code you didn't add.
Download your site's files to a virtual machine and scan them. Avoid infecting your own machine by using a virtual machine, and scan using anti-virus and anti-spyware programs.
If you discover you have malware, use these suggestions to remove it from your site.
Remove all links to malware sites from your site.
Remove infected software. Do not offer it again until you are sure that it is not infected. If you created the software, use malware prevention sites to learn guidelines for software compliance.
Remove malware-infected ads. If you use an ad network, you might need to remove all of the network's ads until you are certain that the network is clear. You might also contact your ad provider.
Edit or remove user-generated posts where malware is present.
If you think your site has been hacked, use the following guideline to resolve issues and get back online.
NOTE:Some features in this article are only available in the full version of SiteLock. For more information on how to upgrade, see
Prevention is the most important tool against malware. Follow these guidelines to save time, effort, and trouble in the future.
Use a daily site scanning utility. Vulnerability scanners, such as SiteLock, can detect vulnerabilities that a hacker could potentially exploit.
Check all software before making it available for download. Scan all software before offering it and if you are a software developer, consider a Code Signing Certificate to protect your code from being altered.
Use only reputable ad providers and monitor them regularly. Make sure your ad providers are currently malware-free and that they scan regularly for malware from advertisers. Use Internet searches and review sites to check out new partners for previous or current problems.
Use strong passwords. For guidelines on creating a password see Generating a Strong Password.
Use FTP-SSL, if available. To check your hosting server for FTP-SSL availability and to connect using FTP-SSL, see Connecting to Your Shared Hosting Account with FTP-SSL.
Keep everything up to date. Install the latest available version and all available patches for third-party software on your site. This is integral to preventing malware, because if the software you use has a security vulnerability, then your site is also vulnerable.