Few days ago, I cannot access my site using the Google Chrome Web Browser. I was prompted that my site is dangerous since it’s hosing a MAL-Ware ( Malicious Ware. Others spell it as malware ) and may infect my computer (See image below).
Wait a minute, it’s my site! How can I put a website malware in my own site? I immediately look for solutions and search for answers on how can I remove this sort of virus or website malware (whatever they call it!) in my site.
I started asking my friend, Mr. Google for a possible solution with my problem. Luckily I’m not alone, there were many other victims of this kind of exploits around the world, and most of them are bloggers too.
So I read and read until I found an article that gave me some clue on what is happening around my site. After reading some, I found something interesting, it suggests that there is a specific plug-in in word press which is called Exploit Scanner that can help. What it does is scan all my .php files and look for any suspicious code and possible exploits within it. Sounds helpful but what it does is only search for the “possible exploits” which means this file or code might be the one causing the problem or may not, which can ruin my entire blog. In short, it can only scan my website for malware, but cannot automatically remove it.
As I broaden my research, I found out that there is an encrypted code inside my page which is hiding using the base64_decode PHP function. Base64 is a group of similar encoding schemes that represent binary data in an ASCII string format by translating it into a radix-64 representation. In short, it’s like translating our Filipino language in other foreign language which only some can understand (from that country or know how to speak that language). So basically the base64_decode function in PHP is the translator of that foreign language. As I decode those languages using a translator or should I say decoder, I was surprised! Inside that function is a long Java script, scripts that when pasted in a simple text editor and save it is as an HTML file were being detected as a virus or malware!. This is what infects my site after all, but it crawls like a real virus that all my index files were infected. What I did is download all the infected files, removed all the suspicious code manually then re-upload it. But wait, Google still blocks me from trying to accessing my site. Again , Mr. Google as my ”knight in shining armor” told me to have Google Web Analytics recheck my site using the webmaster tools to unblock my site from their black list. Finally my site is up and running smoothly again.
This experience gave me an idea of creating my own a WordPress plug-in that would help remove that malicious codes hiding inside my pages and prevent the tedious process of the manual removal of those codes. So guys stay tuned!
You can download this malware remover for web pages in the next few days. 
Is this post helpful? If it does, please help me to publish quality articles like this. Send some donation to keep this website alive by clicking the button below:
Be a
Green Stickman™ fan. Click my Facebook "like" Button Here:
To all the people who clicked the "LIKE" button of my Fan Page, THANK YOU VERY MUCH! :D
