Check my site

hendrikm

Dear forum,

 

I got an email today saying that my site would spread viruses and that F-Secure had blocked a visitor from accessing the site.

So far I did several scans with multiple anti-virus solutions and none of these showed a virus or any problem.

 

Could someone please go to <link removed> (my wedding photography site) and tell me, wether F-Secure blocks the site or not...

 

THANK YOU VERY MUCH!

Hexo

Hey, i checked you page with google chrome, FireFox, IE and with Opera.

F-Secure don´t block your page but Google Chrome does:

 

Opera, FF and IE did nothing... BUT: After i have use the Internet Explorer, F-Secure made a detection of  Malware

 

 

It´s seems, that anything has infectet your Page.... (and my pc now ^^... joke, the maleware was only in the sandbox)

EDIT: I think someting is with your "main.htm" strainge. Plz check this file.

 

 

Greetz

hendrikm

THANK YOU!

 

And: Sorry for the virus!

 

I´m just downloading all of the websites content to do a scan on my computer. I hope this works.

The site probably got hacked through a wordpress blog.

 

btw: Can someone please try the following domains:

<link removed>

<link removed>

 

They are hosted at the same space but are completely different websites...

Hexo

I get the same "google chrome" informations about the other two pages.

 

If you got some experence in html plz open the main.htm and search for something from "bizinterdtn.in"

 

I give you a good tip: change you passwort for your FTP and SQL account. Normaly when someone changed or edit something on the files, he used the FTP access.

 

(feel free and give a Kudos )

 

 

Greetz

 

hendrikm

Thanks a lot!

 

I found a few lines of cryptic, confused html+javascript code in each index.html file and a few new php files. I changed all passwords (ftp, mail, webspace provider). cleande the html files and am just uploading the (hopefully clean) files.

 

Should be done in a few minutes.

 

If someone is brave and dares to access my websites - I´m looking for some feedback.

 

I still have the nagging felling that my computer might be infected, too and the ftp passwort got stolen from it. I´m doing a complete scan with security essentials now (and will do the same thing agaian with antivir, tommorrow)

tripodzid

I really haven't tried scanning my website using all the browsers available. Thanks for giving me an idea.

 

 

______________

Business is the game!!

Hexo

So, i have checked your page with and it´s seems now ok.

Mhhh.... i give you a Tip: forget Microsoft Security Essentials and use F-Secure. It´s much better (and they got a really good Support)

MJ-perComp

Fixing the mannipulated INDEX-Files might not do the trick.

Please also Update your Content management system and fix Access rights for all files!

 

BR

 

 

Siltanen

Hello All,

Moderator removed the links from the posts above. This is of course just a precautionary measure.

In future I would ask you to submit all samples to our Sample Analysis System for further investigation:

https://analysis.f-secure.com/portal/login.html

 

hendrikm

Unfortunately the Sample Analysis System wouldn´t have worked, as I didn´t know wether my site was infected at all and I didn´t know which file was infected.

 

Luckily some of the users on this forum could confirm that my sites were infected and which files were affected.