Hello,
My website got hacked and avast blocked. What can i do to unblock my website?
http://www.sverigeforaren.se
Hello,
My website got hacked and avast blocked. What can i do to unblock my website?
http://www.sverigeforaren.se
It is infected, see info here >> https://sitecheck.sucuri.net/results/www.sverigeforaren.se
I hired a guy to fix this. He found all the infected files and deleted them. Why is the scan still showing that the site is infected? Can it be a redis/nginx cache problem?
i guess some code is still there … see the report from sucuri posted above
what does the block message from avast say?
contact avast >> https://support.avast.com/support/home >> submit a ticket
I wonder why a Swedish site is linking to to a Russian one through links like this :
hxxp://zaymi.org → ‘ð¼ð¸ðºñð¾ð·ð°ð’
That sure does look suspicious to say the least.
http://www.web-malware-removal.com/website-malware-virus-scanner/?url=www.sverigeforaren.se
Blacklisted :
http://multirbl.valli.org/lookup/62.210.127.76.html
http://urlquery.net/report.php?id=1455020540770
http://urlquery.net/report.php?id=1455020846834
Infected with SEO spam :
https://sitecheck.sucuri.net/results/www.sverigeforaren.se
JQuery insecurity (could be the cause of why the infection took place) :
http://retire.insecurity.today/#!/scan/085e2e8f259dc675f92d5477cbcc3f8e0123e1c8c2e52ec06c3e69cbd75c8482
I hope you didn’t payed that guy because he did not do a proper job.
Thanks for your reply. I kinda did pay him haha. Well atleast now i know that the website is still infected.
What do you guys think i should do?
Hej Legendaryz,
You could check here and have it analyzed: https://aw-snap.info/file-viewer/
Do a check on these external links:
Please check this list for unknown links on your website:
-http://klatterforum.se/ → ‘klã¤tterforum’
-http://zaymi.org → ‘ð¼ð¸ðºñð¾ð·ð°ð’
-http://zaymi.org → ‘ð¼ð¸ðºñð¾ð·ð°ð’
-http://zaymi.org → ‘ð¼ð¸ðºñð¾ð·ð°ð’
-http://zaymi.org → ‘ð¼ð¸ðºñð¾ð·ð°ð’
-http://zaymi.org → ‘ð¼ð¸ðºñð¾ð·ð°ð’
-http://zaymi.org → ‘ð·ð°ð¹ð¼ñ ð¾ð½�’
-http://zaymi.org → ‘ññð¾ñð½ñðµ �’
-http://zaymi.org → ‘ð·ð°ð¹ð¼ñ ð¾ð½�’
-http://zaymi.org → ‘ññð¾ñð½ñð¹ �’
-http://zaymi.org → ‘ð¼ð¸ðºñð¾ð·ð°ð’
-http://zaymi.org → 'ð·ð°ð¹ð¼ñ ð½ð° ’
-http://zaymi.org → ‘ð¼ð¸ðºñð¾ðºñð’
-http://zaymi.org * → ‘ð¼ð³ð½ð¾ð²ðµð½ð’
See: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.sverigeforaren.se%2F
hxtp://www.sverigeforaren.se
Detected libraries:
jquery-migrate - 1.2.1 : -http://www.sverigeforaren.se/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.11.3 : (active1) -http://www.sverigeforaren.se/wp-includes/js/jquery/jquery.js?ver=1.11.3
(active) - the library was also found to be active by running code
1 vulnerable library detected
SaferChrome: Insecure login: Password will be transmited in clear to -http://www.sverigeforaren.se/wp-login.php detected (see report) Insecure login (1)
Password will be transmited in clear to -http://www.sverigeforaren.se/wp-login.php
Check your free WordPress plug-ins for latest versions, disable user enumeration and directory listing.
Another insecurity: PHP Version: 5.4.16 (Outdated)
Above cold reconnaissance report for your website comes from:
polonus (volunteer website security analyst and website erro-hunter)
Just came in results of the SRI Report Scan for http://www.sverigeforaren.se
https://sritest.io/#report/3f671159-878b-478f-8dce-2de61c18f03e
I detected a SRI issue with a script tag:
Tag Result
I hided the results from Statistics,
polonus (volunteer website security analyst and website error-hunter)
I think i got it all fixed. Thanks for your help
Sucuri is now all green, Grattis Grabben
Tack!