Jump to content

All of my own websites blocked by malwarebytes


jhmartin00

Recommended Posts

I am hosting 7 different websites with hostgator. I have not been on them in a while and when I went to one earlier, I got two of the following malwarebytes messages:

 

Malicious Website Blocked

Domain: c11n4.i.teaserguide.com

IP: 91.226.33.54

Port: 55276

Type: outbound

process: c:\program files (x86)\Google\Chrome\Application\chrome.exe

 

Malicious Website Blocked

Domain: kfc.i.illuminationes.com

IP: 91.226.33.54

Port: 55279

Type: outbound

process: c:\program files (x86)\Google\Chrome\Application\chrome.exe

 

The above sites ARE NOT the websites that I'm trying to open. Below are the websites that I'm trying to open, which are mine, hosted by me.

 

ehinitiative . org

fairfieldtutoring . org

happyhourinhouston . com

powerwasherreviews . net

theknifehut . com

thetruckingsource . com

whatsinwhatyoueat . org

 

Now you will probably have me run all these anti-virus/malware/bot/etc on my computer, and perhaps you're right. However, I've opened 236 other webpages since this started happening and malwarebytes does not block any of them. Yet as soon as I try to open one that I am hosting, I get that message. I am still able to open the webpages but that message keeps popping up.

 

To me, it seems like my websites were hacked and they're trying to redirect something to those sites. I spoke with my hosting company and they don't see any issues. Of course they don't have malwarebytes installed either. I send them the screen shots of malwarebytes but they were of no help.

 

Since then I've deleted some files that were created in a time frame that I don't remember messing with the site, but the message still pops up. I know this may be an issue for the hosting company, but if you could point me in the right direction, it would be of great help!

 

Thanks,

Jeff

 

 

 

post-193232-0-77410400-1443130047_thumb.

post-193232-0-62214100-1443130048_thumb.

Link to post
Share on other sites

  • Staff

Just a suggestion, I would check your sites for: 

 

Trojan:JS/Iframeinject.AE.
 
Malicious JavaScript file added to compromised websites.
 
Payload
 
Redirects to another website containing adware
 
This threat generates a hidden IFrame and injects it into the HTML webpage. The IFrame redirects the browser to certain pages containing adware, for example c11n4.i.teaserguide.com.
 
 
Andres
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.