nuotoll.com mallware in cart

dlingner · **Joined:** Sat Jan 28, 2006 1:00 am **Posts:** 83

My AVG is giving me a warning of malicious software on my site.

Source being nuotoll.com

We have two CRE carts, on different servers, and it is on both.

How do we get rid of it?

Once rid of, prevent it from happening again?

Thanks

CRE Loaded Expert · **Posted:** Fri May 22, 2009 4:20 pm

Contact your host.. they can remove it via ssh
change your ftp logins/passwords.. delete all un-needed ftp accounts
see
http://www.creloaded.com/forums/Forums/ ... tml#119218

wallee · **Posted:** Sat May 23, 2009 2:28 pm

check your index files - html, htm, php... look below the </html> tag for script code that does not belong... somehow this got injected into my wordpress 2.7.1 admin dashboard.. I doubt is has much to do with ftp passwords being hacked - which is what my service provider tried to tell me.

If you google / yahoo nuotoll you will see this is popping up all over.

dlingner · **Joined:** Sat Jan 28, 2006 1:00 am **Posts:** 83

I think it is related to ftp in some way. Because all of my websites have it and I use two different hosts. So, it is not host related. I think somehow it got into my computer and got my ftp info there and got into my websites. I use an ftp program called coffee cup direct ftp for my editing and perhaps it got the info there?

How do I get these off my websites?

Thanks.

CRE Loaded Expert · **Posted:** Sun May 24, 2009 3:26 pm

That is what i have been trying to say in all these other posts..

contact your host.. they can remove it quickly or at least give you a list of infected files

but the bigger concern would be you having at least the malware on your machine.. and if that is the case.. you are likely to have all sorts of rootkits and such.. You are going to want to scan your local machine with several different malware/AV programs.. but it isn't likely to get them all off.. without a high grade reformat/new hard drive

wallee · **Posted:** Mon May 25, 2009 4:02 am

dlingner wrote:

I think it is related to ftp in some way. Because all of my websites have it and I use two different hosts. So, it is not host related. I think somehow it got into my computer and got my ftp info there and got into my websites. I use an ftp program called coffee cup direct ftp for my editing and perhaps it got the info there?

How do I get these off my websites?

Thanks.

My provider would not do this for me.. To get it off of your sites... use a text editor not dreamweaver or other webdesign app.. I used ftp, and text pad.

In dreamweaver - in code view the code could not be seen.. in text pad it could be seen. You will have to manually locate and delete. check your index files - html, htm, php... look below the </html> tag for script code that does not belong...

You PC is another issue.. the suggestions of using several tools is best.

My Avast stopped it from getting on my local drive..

inetbiz · **Posted:** Sun Jun 28, 2009 1:56 pm

Quote:

My provider would not do this for me.. To get it off of your sites... use a text editor not dreamweaver or other webdesign app

Time to shop around for a new host. Are you using one of the major hosting providers or a smaller niche host? They're bread and butter depend upon you being successful!

Loaded Commerce Community

nuotoll.com mallware in cart

Who is online

Main Menu

Login

Forums Latest Activity

Top Listing