system
1
Hi, i’m the owner of the site hxxp:// www. createandshare. es
We are a news blog/portal, we have not suffer any problem with spam or malware since we started, and haven’t installed any new plugins of late.
Today I was told by my website’s users that my site was blocked by Avast. I checked it out myself and got the following message:
Infection Details
URL: hxxp:// www. createandshare. es/|%3E{gzip}
Process: file://C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Infection: html:Script-inf
I have done some searches and find out there are some poeple having the same problem.
(http://forum.avast.com/index.php?topic=81524.0)
Please let me know what is going on and what can we do to get it fixed?
Thank you in advance.
Best regards.
Pondus
2
system
3
system
4
How can we solve it?
How did it happen?
Pondus
5
It was probably hacked…
The sucuri scanner say: Wordpress version outdated: Upgrade required.
Protect your interwebs with Sucuri http://sucuri.net/signup
Information for Website Owners http://stopbadware.org/home/webmasters
Tips for Cleaning & Securing Your Website http://stopbadware.org/home/security
Pondus
6
DavidR
7
Well first the site redirects to the createandshare.net version of your site and this is also picked up, image1.
http://www.virustotal.com/file-scan/report.html?id=f607197a0605151f322b9c64c2fdab532bc05e9bb760201f3225fcaac1c9458f-1313444374
Check those pages and others for the presence of a script tag after the closing HTML tag, if you didn’t put it there then your site has been hacked.