Try to remove the virus from the site.
The problem is that when you go to website from Google there is a redirect to a third-party resource.
In the file system of the website the virus adds extraneous folders and injected code, encoded in base64.
After removing in 2-4 hours the problem returns.
Today, discovered that all of the domains that are located on the same host with the infected site as infected with the virus (in their file structure added extraneous folders with the same names, extraneous php files with base64, and insert extraneous code). - possible cross-contamination between domains, which does not allow to remove the malicious files? how to check and how might such a problem be solved?
Jules.Reichel11 answered on April 19th 20 at 12:35
1. to remove all access to FTP
2. to change the passwords on all
3. To clean your computer from viruses.
4. to upgrade the engine.
5. To protect the files of an entry ( which are infected)
6. to remove backdoor
7. To change the characteristics defining the engine.
8. To remove vulnerability vulnerability
Cecelia answered on April 19th 20 at 12:37
You need no virus to eliminate a vulnerability. In order to give recommendations you need to know what sites. Samopisnye or Joomla or WordPress? You have a dedicated server, shared hosting or look for what? What level of access? Ruth?
Need to know how attackers do it. Where is their entry point.
But basically, all you need to do directory prohibited for entry under Apache or PHP. Also all files. If your site has a single file index.php (as it should be) then you need to add htaccess that no other PHP files cannot be run. If you have more than one PHP file bootable, then I advise you to change it site.
If you there is a problem with the rights on all domains, and they are all on one disc, you get the access, they can modify the files of another domain.