Check my site

Dear forum,

 

I got an email today saying that my site would spread viruses and that F-Secure had blocked a visitor from accessing the site.

So far I did several scans with multiple anti-virus solutions and none of these showed a virus or any problem.Smiley Frustrated

 

Could someone please go to <link removed> (my wedding photography site) and tell me, wether F-Secure blocks the site or not...

 

THANK YOU VERY MUCH!

Answers

  • HexoHexo Posts: 240

    Hey, i checked you page with google chrome, FireFox, IE and with Opera.

    F-Secure don´t block your page but Google Chrome does:

    Ashampoo_Snap_2012.02.13_22h26m13s_001_.png

     

    Opera, FF and IE did nothing... BUT: After i have use the Internet Explorer, F-Secure made a detection of  Malware

     

    Ashampoo_Snap_2012.02.13_22h29m08s_002_Viren- und Spyware-Scanning.png

     

    It´s seems, that anything has infectet your Page.... (and my pc now ^^... joke, the maleware was only in the sandbox)

    EDIT: I think someting is with your "main.htm" strainge. Plz check this file.

     

     

    Greetz

  • THANK YOU!

     

    And: Sorry for the virus!

     

    I´m just downloading all of the websites content to do a scan on my computer. I hope this works.

    The site probably got hacked through a wordpress blog.

     

    btw: Can someone please try the following domains:

    <link removed>

    <link removed>

     

    They are hosted at the same space but are completely different websites...

  • HexoHexo Posts: 240

    I get the same "google chrome" informations about the other two pages.

     

    If you got some experence in html plz open the main.htm and search for something from "bizinterdtn.in"

     

    I give you a good tip: change you passwort for your FTP and SQL account. Normaly when someone changed or edit something on the files, he used the FTP access.

     

    (feel free and give a Kudos Smiley Happy )

     

     

    Greetz

     

  • Thanks a lot!

     

    I found a few lines of cryptic, confused html+javascript code in each index.html file and a few new php files. I changed all passwords (ftp, mail, webspace provider). cleande the html files and am just uploading the (hopefully clean) files.

     

    Should be done in a few minutes.

     

    If someone is brave and dares to access my websites - I´m looking for some feedback.

     

    I still have the nagging felling that my computer might be infected, too and the ftp passwort got stolen from it. I´m doing a complete scan with security essentials now (and will do the same thing agaian with antivir, tommorrow)

  • I really haven't tried scanning my website using all the browsers available. Thanks for giving me an idea.

     

     

    ______________

    Business is the game!!image

  • HexoHexo Posts: 240
    So, i have checked your page with and it´s seems now ok.

    Mhhh.... i give you a Tip: forget Microsoft Security Essentials and use F-Secure. It´s much better (and they got a really good Support)
  • MJ-perCompMJ-perComp Posts: 1,098

    Fixing the mannipulated INDEX-Files might not do the trick.

    Please also Update your Content management system and fix Access rights for all files!

     

    BR

     

     

  • SiltanenSiltanen Posts: 108

    Hello All,

    Moderator removed the links from the posts above. This is of course just a precautionary measure.

    In future I would ask you to submit all samples to our Sample Analysis System for further investigation:

    https://analysis.f-secure.com/portal/login.html

     

  • Unfortunately the Sample Analysis System wouldn´t have worked, as I didn´t know wether my site was infected at all and I didn´t know which file was infected.

     

    Luckily some of the users on this forum could confirm that my sites were infected and which files were affected.

     

     

This discussion has been closed.