Malicious code can be added to your web pages or embedded in your web server or database. This article provides guidelines for removing malware.
As a Norton Secured Seal customer, you benefit from malware checking. We check a trusted blacklist of malicious or suspected websites and let you know by email and in the console if your site was identified as hosting malware.websitewebsite
How do I remove malicious code from my website?
The method to remove the malware from your website depends on whether the malware is on your web pages or injected into your database. Below are some general guidelines for removing the malicious code. If you are not familiar with how to update your web pages or database, consult an IT professional for further assistance.
When your website is infected with malware, it is likely that one of the following has occurred:
Replace infected pages with a clean backed-up version: If you back up your web pages regularly, and you believe you have a clean version of the web pages, you can always replace your infected web pages with the clean backup.
Remove malicious code from infected Web pages manually: If you do not have a clean backup of your web pages, then manually remove the malicious code from infected web pages. Check with your website developers and server admins to identify and remove the malware from your website.
Remove malicious code from your database: If the same malicious code appears on multiple pages or you previously removed malicious code from your site and it reappears, then the malicious code most likely is residing in your database. To remove malicious code from your database, search for the malicious code string in character fields. Once you have found the malicious code string, delete it from your database. If you have web pages that are infected, make sure to remove the malicious code from the pages as well.
Ensure that all instances of malware are removed from your site: If malicious code is found on your site, there is an increased likelihood that additional hidden instances exist on your web pages that are not actively delivering malware to your end users’ PCs. As a best practice, we recommend that you review your web pages for any iframes that point to sites that you do not recognize or that appear suspicious to you.