My website redirects to Malware. Pc and browser clean
Moderators: mandville, General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
I have been hacked?
Hello everyone.
After some work with my website today,the website is very slow all day,most of the times it does not load or when it does it redirects on a spam website called that -> securesignupoffers.net .
This adware or whatever it is,its not installed anywhere on the pc,no process on the task manager,and i cant find any folder related to it,so it probably is on my website. I get this redirect ONLY on my website.
The website is this -> georld.com .
Any idea what's going wrong???
After some work with my website today,the website is very slow all day,most of the times it does not load or when it does it redirects on a spam website called that -> securesignupoffers.net .
This adware or whatever it is,its not installed anywhere on the pc,no process on the task manager,and i cant find any folder related to it,so it probably is on my website. I get this redirect ONLY on my website.
The website is this -> georld.com .
Any idea what's going wrong???
- pranabmistry
- Joomla! Explorer
- Posts: 339
- Joined: Sun Dec 07, 2014 4:51 pm
- Location: Dhaka, Bangladesh
- Contact:
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
Re: I have been hacked?
So what can i do now?
- pranabmistry
- Joomla! Explorer
- Posts: 339
- Joined: Sun Dec 07, 2014 4:51 pm
- Location: Dhaka, Bangladesh
- Contact:
Re: I have been hacked?
Your site is not redirecting at all...... it;s geoworld...... I am able to open this.
With Regards
Pranab Mistry
Pranab Mistry
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
Re: I have been hacked?
So do you think its my computer then? As i mentioned in my OP i cannot find any program installed,and i did try malware remover.pranabmistry wrote:Your site is not redirecting at all...... it;s geoworld...... I am able to open this.
- pranabmistry
- Joomla! Explorer
- Posts: 339
- Joined: Sun Dec 07, 2014 4:51 pm
- Location: Dhaka, Bangladesh
- Contact:
Re: I have been hacked?
Did you try to open the site with a different browser?
With Regards
Pranab Mistry
Pranab Mistry
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
Re: I have been hacked?
Yes. Internet explorer worked fine until like an hour ago when it did the exact same thing. It now seems to be working fine (this redirect does not have a system,it just happens some times).pranabmistry wrote:Did you try to open the site with a different browser?
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: I have been hacked?
http://sitecheck.sucuri.net/results/georld.com
does it do it on a different computer, have ou virus scanned our pc? installed something recently? malware?
does it do it on a different computer, have ou virus scanned our pc? installed something recently? malware?
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
Re: I have been hacked?
So i am hacked. I found exactly my problem on a online site virus checker which is more acurate than sucuri and tells me exacly the problem i encounter (securesignup) .mandville wrote:http://sitecheck.sucuri.net/results/georld.com
does it do it on a different computer, have ou virus scanned our pc? installed something recently? malware?
Here is the screenshot. Now the real question is what am i doing now? Is this a person trying to steal from me or is it just a program?
You do not have the required permissions to view the files attached to this post.
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
My website redirects to Malware. Pc and browser clean
Hi guys.
My website redirects into another page. My pc is absolutely clean (checked with antivirus and and malware bytes) and there is nothing on the browser or any background running process,which probably means that there is something in the website.
How to find it and remove it?
My website redirects into another page. My pc is absolutely clean (checked with antivirus and and malware bytes) and there is nothing on the browser or any background running process,which probably means that there is something in the website.
How to find it and remove it?
You do not have the required permissions to view the files attached to this post.
- leolam
- Joomla! Master
- Posts: 20652
- Joined: Mon Aug 29, 2005 10:17 am
- Location: Netherlands/ Germany/ S'pore/Bogor/ North America
- Contact:
Re: My website redirects to Malware. Pc and browser clean
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
Re: My website redirects to Malware. Pc and browser clean
Thank you Leo. I do not understand what this forum post assistant details about me gives,but anyway i will post it and i will hope that everyone here is not a bad person .
I uploaded the generated text as a text doc because it had too many words and the forum wouldn't allow more than 20000 words. If its not the right way please let me know how else i can do it.
You do not have the required permissions to view the files attached to this post.
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
Re: My website redirects to Malware. Pc and browser clean
Maybe two separate posts?
Problem Description :: Forum Post Assistant (v1.2.4) : 29th March 2015 wrote:Website redirects to a different website
Log/Error Message :: Forum Post Assistant (v1.2.4) : 29th March 2015 wrote:-
Forum Post Assistant (v1.2.4) : 29th March 2015 wrote:Basic Environment :: wrote:Joomla! Instance :: Joomla! 3.4.1-Stable (Ember) 21-March-2015
Joomla! Platform :: Joomla Platform 13.1.0-Stable (Curiosity) 24-Apr-2013
Joomla! Configured :: Yes | Read-Only (444) | Owner: 15169437 (uid: /gid: ) | Group: 15169437 (gid: ) | Valid For: 3.4
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 0 | SEF ReWrite: 0 | .htaccess/web.config: Yes | GZip: 0 | Cache: 0 | FTP Layer: 0 | SSL: 0 | Error Reporting: default | Site Debug: 0 | Language Debug: 0 | Default Access: 1 | Unicode Slugs: 0 | Database Credentials Present: Yes
Host Configuration :: OS: Linux | OS Version: 2.6.32-531.29.2.lve1.3.11.1.el6.x86_64 | Technology: x86_64 | Web Server: Apache | Encoding: gzip, deflate | Doc Root: /home/vol4_8/byethost31.com/b31_15169437/htdocs | System TMP Writable: Yes
PHP Configuration :: Version: 5.4.38 | PHP API: apache2handler | Session Path Writable: Yes | Display Errors: | Error Reporting: 32759 | Log Errors To: | Last Known Error: | Register Globals: | Magic Quotes: | Safe Mode: | Open Base: /php_sessions:/tmp:/var/www/errors:/usr/share/pear:/home/vol4_8/byethost31.com/b31_15169437/htdocs | Uploads: 1 | Max. Upload Size: 10M | Max. POST Size: 20M | Max. Input Time: 30 | Max. Execution Time: 20 | Memory Limit: 128M
MySQL Configuration :: Version: 5.6.22-71.0 (Client:mysqlnd 5.0.10 - 20111026 - $Id: c85105d7c6f7d70d609bb4c000257868a40840ab $) | Host: --protected-- (--protected--) | Collation: latin1_swedish_ci (Character Set: latin1) | Database Size: 4.82 MiB | #of Tables: 263
[/quote]Detailed Environment :: wrote:PHP Extensions :: Core (5.4.38) | date (5.4.38) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7) | zlib (2.0) | bcmath () | calendar () | ctype () | curl () | dom (20031129) | hash (1.0) | fileinfo (1.0.5) | filter (0.11.0) | ftp () | gd () | gettext () | SPL (0.2) | iconv () | session () | intl (1.1.0) | json (1.2.1) | mbstring () | mcrypt () | standard (5.4.38) | mysqlnd (mysqlnd 5.0.10 - 20111026 - $Id: c85105d7c6f7d70d609bb4c000257868a40840ab $) | mysqli (0.1) | mysql (1.0) | PDO (1.0.4dev) | pdo_mysql (1.0.2) | Phar (2.0.1) | Reflection ($Id: f6367cdb4e3f392af4a6d441a6641de87c2e50c4 $) | imap () | SimpleXML (0.1) | soap () | exif (1.4 $Id: 7f95ff43ea7cc9a2c41a912863ed70069c0e34c5 $) | tokenizer (0.1) | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | apache2handler () | phalcon (1.3.4) | ionCube Loader () | Zend Guard Loader () | Zend Engine (2.4.0) |
Potential Missing Extensions :: suhosin |
[quote]
Switch User Environment (Experimental) :: PHP CGI: No | Server SU: No | PHP SU: No | Custom SU (LiteSpeed/Cloud/Grid): No
Potential Ownership Issues: Maybe
Last edited by mandville on Sun Mar 29, 2015 6:31 pm, edited 1 time in total.
Reason: reformatted for readability
Reason: reformatted for readability
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
Re: My website redirects to Malware. Pc and browser clean
Apache Modules :: core | prefork | http_core | mod_so | mod_extract_forwarded2 | mod_ruid2 | mod_auth_basic | mod_authn_file | mod_authz_host | mod_authz_user | mod_authz_groupfile | mod_include | mod_log_config | mod_env | mod_expires | mod_deflate | mod_headers | mod_setenvif | mod_mime | mod_status | mod_autoindex | mod_dir | mod_alias | mod_rewrite | mod_apreq2 | mod_hostinglimits | mod_perl | mod_php5 | mod_dbd | mod_vhs | Apache |
Potential Missing Modules :: mod_security | mod_evasive | mod_dosevasive | mod_ssl | mod_qos | mod_userdir |
[/size]
Folder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |
Elevated Permissions (First 10) :: administrator/backups/ (777) | administrator/cache/com_virtuemart_cats/ (777) | administrator/cache/com_virtuemart_revenue/ (777) | administrator/cache/com_virtuemart_rss/ (777) | administrator/cache/convertECB/ (777) | administrator/cache/j2storemodelshipping.item/ (777) | cache/com_virtuemart_cats/ (777) | cache/convertECB/ (777) | [/size]
Extensions Discovered :: wrote:Components :: SITE :: com_wrapper (3.0.0) | WF_LISTS_TITLE (2.4.2) | WF_LINK_TITLE (2.4.2) | WF_SPELLCHECKER_TITLE (2.4.2) | WF_FONTSELECT_TITLE (2.4.2) | WF_FULLSCREEN_TITLE (2.4.2) | WF_TEXTCASE_TITLE (2.4.2) | WF_INLINEPOPUPS_TITLE (2.4.2) | WF_SEARCHREPLACE_TITLE (2.4.2) | WF_CLIPBOARD_TITLE (2.4.2) | WF_PRINT_TITLE (2.4.2) | WF_CONTEXTMENU_TITLE (2.4.2) | WF_CHARMAP_TITLE (2.4.2) | WF_MEDIA_TITLE (2.4.2) | WF_STYLESELECT_TITLE (2.4.2) | WF_FORMATSELECT_TITLE (2.4.2) | WF_PREVIEW_TITLE (2.4.2) | WF_ANCHOR_TITLE (2.4.2) | WF_CLEANUP_TITLE (2.4.2) | WF_SOURCE_TITLE (2.4.2) | WF_FONTSIZESELECT_TITLE (2.4.2) | WF_BROWSER_TITLE (2.4.2) | WF_VISUALCHARS_TITLE (2.4.2) | WF_NONBREAKING_TITLE (2.4.2) | WF_ARTICLE_TITLE (2.4.2) | WF_FONTCOLOR_TITLE (2.4.2) | WF_TABLE_TITLE (2.4.2) | WF_DIRECTIONALITY_TITLE (2.4.2) | WF_KITCHENSINK_TITLE (2.4.2) | WF_IMGMANAGER_TITLE (2.4.2) | WF_XHTMLXTRAS_TITLE (2.4.2) | WF_VISUALBLOCKS_TITLE (2.4.2) | WF_LAYER_TITLE (2.4.2) | WF_AUTOSAVE_TITLE (2.4.2) | WF_STYLE_TITLE (2.4.2) | WF_LINK_SEARCH_TITLE (2.4.2) | WF_AGGREGATOR_VINE_TITLE (2.4.2) | WF_AGGREGATOR_VIMEO_TITLE (2.4.2) | WF_AGGREGATOR_[youtube]_TITLE (2.4.2) | WF_FILESYSTEM_JOOMLA_TITLE (2.4.2) | WF_MEDIAPLAYER_JCEPLAYER_TITLE (2.4.2) | WF_LINKS_JOOMLALINKS_TITLE (2.4.2) | WF_POPUPS_JCEMEDIABOX_TITLE (2.4.2) | WF_POPUPS_WINDOW_TITLE (2.4.2) | com_mailto (3.0.0) |
Components :: ADMIN :: com_joomlaupdate (3.0.0) | com_plugins (3.0.0) | COM_CREATIVEIMAGESLIDER (2.0.0) | com_banners (3.0.0) | Unknown (-) | JCE (2.4.2) | com_cpanel (3.0.0) | com_tags (3.1.0) | com_contenthistory (3.2.0) | COM_K2 (2.6.8) | mod_k2_comments (-) | mod_k2_comments (-) | com_messages (3.0.0) | com_languages (3.0.0) | COM_EASYJOOMLABACKUP (3-4) | com_cache (3.0.0) | com_users (3.0.0) | com_postinstall (3.2.0) | com_templates (3.0.0) | com_checkin (3.0.0) | com_modules (3.0.0) | com_installer (3.0.0) | com_admin (3.0.0) | com_search (3.0.0) | com_ajax (3.2.0) | com_config (3.0.0) | com_weblinks (3.0.0) | com_redirect (3.0.0) | com_newsfeeds (3.0.0) | com_finder (3.0.0) | com_media (3.0.0) | HikaShop Product TAG insertion (2.3.5) | Hikashop Payza Payment Plugin (2.3.5) | Hikashop Currency Switcher Mod (2.3.5) | Hikashop - Mijoshop Fallback R (2.3.5) | System - Hikashop Social Plugi (2.3.5) | Hikashop no SSL outside checko (2.3.5) | Hikashop iPayDNA Payment Plugi (2.3.5) | Hikashop eSelect Payment Plugi (2.3.5) | Hikashop FirstData Payment Plu (2.3.5) | User - HikaShop (2.3.5) | Hikashop SOFORT Payment Plugin (2.3.5) | HikaShop Product TAG translati (2.3.5) | Hikashop CECA Payment Plugin (2.3.5) | Hikashop MasterCard Internet G (2.3.5) | Hikashop PayPlug payment plugi (2.3.5) | Hikashop - Kashflow invoice sy (2.3.5) | Hikashop WorldNetTPS Payment P (2.3.5) | Hikashop Paybox Plugin (2.3.5) | Hikashop UPS Shipping Plugin (2.3.5) | Hikashop Google Checkout Payme (2.3.5) | Hikashop eWAY Payment Plugin (2.3.5) | Hikashop Postfinance Payment P (2.3.5) | Hikashop Borgun payment plugin (2.3.5) | Hikashop HSBC Payment Plugin (2.3.5) | Hikashop Purchase Order Paymen (2.3.5) | Hikashop CANADA POST Shipping (2.3.5) | Hikashop Cart Module (2.3.5) | Hikashop User account Plugin (2.3.5) | Hikashop CyberMuth CIC Payment (2.3.5) | Hikashop googlewallet Payment (1.0) | Hikashop Manual Shipping Plugi (2.3.5) | Hikashop SIPS ATOS Payment Plu (2.3.5) | Hikashop Massaction Address Pl (2.3.5) | Search - Hikashop Products (2.3.5) | Hikashop OKPay Payment Plugin (2.3.5) | Hikashop Paypal Pro Payment Pl (2.3.5) | Ogone Payment Plugin (2.3.5) | HikaShop tax calculations over (2.3.5) | Hikashop Amazon Payment Plugin (2.3.5) | HikaShop Google Dynamic Remark (2.3.5) | Hikashop ePay Payment Plugin (2.3.5) | Hikashop Be2Bill Payment Plugi (2.3.5) | Hikashop Worldpay Global Gatew (2.3.5) | Hikashop FedEx Shipping Plugin (2.3.5) | Hikashop Product Tag (2.3.5) | Hikashop Payment Express Payme (2.3.5) | Hikashop TaxCloud Plugin (2.3.5) | Hikashop Module (2.3.5) | Hikashop Beanstream Payment Pl (2.3.5) | Hikashop Virtual Merchant (Ela (2.3.5) | Hikashop adyen Payment Plugin (1.0) | Hikashop payfast Payment Plugi (1.0) | Hikashop CANPAR Shipping Plugi (1.0.0) | Hikashop Alipay Payment Plugin (2.3.5) | Hikashop Servired Payment Plug (2.3.5) | Hikashop SagePay Payment Plugi (2.3.5) | Hikashop Paypal Payment Plugin (2.3.5) | Hikashop Innovative Gateway Pa (2.3.5) | HikaShop Shipping Manual - Pri (2.3.5) | Hikashop Stripe Payment Plugin (2.3.5) | Hikashop iVeri Payment Plugin (2.3.5) | Hikashop Registration Redirect (2.3.5) | Hikashop Australia Post eDeliv (2.3.5) | Hikashop PaymentExpress (PxPay (2.3.5) | Hikashop CardSave Payment Plug (2.3.5) | HikaShop: Date Picker Custom F (2.3.5) | Hikashop USPS Shipping Plugin (2.3.5) | Hikashop Paygate Payment Plugi (2.3.5) | Hikashop Validate free order P (2.3.5) | Hikashop Platron Payment Plugi (2.3.5) | Hikashop Authorize.net Payment (2.3.5) | HikaShop Netgiro payment plugi (2.3.5) | Hikashop PayJunction Payment P (2.3.5) | Hikashop Massaction Product Pl (2.3.5) | Hikashop History Plugin (2.3.5) | Hikashop Paypal Advanced payme (2.3.5) | Hikashop - VirtueMart Fallback (2.3.5) | Hikashop Bluepaid Payment Plug (2.3.5) | Hikashop Credit Card Payment P (2.3.5) | Hikashop Collect On Delivery P (2.3.5) | Hikashop Bank Transfer Payment (2.3.5) | Hikashop Massaction Category P (2.3.5) | Hikashop Common Joomla Payment (2.3.5) | Search - Hikashop Categories/M (2.3.5) | Hikashop WorldPay Business Gat (2.3.5) | Hikashop Moneybookers Payment (2.3.5) | Hikashop BitCoin Payment Plugi (1.0.0) | Hikashop Massaction Order Plug (2.3.5) | Hikashop Western Union Payment (2.3.5) | Hikashop Envoimoinscher Shippi (2.3.5) | Hikashop Paypal Express Checko (1.0.0) | System - HikaShop Mass Action (2.3.5) | Hikashop - Redshop Fallback Re (2.3.5) | Hikashop Check Payment Plugin (2.3.5) | Hikashop Nets NETAXEPT Payment (2.3.5) | Hikashop Massaction User Plugi (2.3.5) | HikaShop (2.3.5) | com_content (3.0.0) | com_menus (3.0.0) | com_login (3.0.0) | com_categories (3.0.0) |
Modules :: SITE :: mod_weblinks (3.0.0) | mod_articles_latest (3.0.0) | mod_breadcrumbs (3.0.0) | mod_menu (3.0.0) | Hikashop Currency Switcher Mod (2.3.5) | mod_tags_popular (3.1.0) | mod_languages (3.0.0) | K2 Comments (2.6.8) | Custom CSS (1.8) | Simple Email Form (1.8.5) | SP Accordion module (2.8.0) | mod_stats (3.0.0) | K2 User (2.6.8) | mod_whosonline (3.0.0) | Hikashop Cart Module (2.3.5) | mod_articles_category (3.0.0) | mod_users_latest (3.0.0) | mod_articles_news (3.0.0) | mod_tags_similar (3.1.0) | Hikashop Module (2.3.5) | mod_footer (3.0.0) | K2 Content (2.6.8) | mod_login (3.0.0) | mod_search (3.0.0) | mod_articles_popular (3.0.0) | mod_random_image (3.0.0) | mod_custom (3.0.0) | K2 Users (2.6.8) | mod_banners (3.0.0) | Creative Image Slider (2.0.0) | mod_articles_archive (3.0.0) | mod_articles_categories (3.0.0) | mod_related_items (3.0.0) | mod_finder (3.0.0) | mod_feed (3.0.0) | FavSocial (1.4) | mod_syndicate (3.0.0) | K2 Tools (2.6.8) | mod_wrapper (3.0.0) |
Modules :: ADMIN :: mod_menu (3.0.0) | mod_stats_admin (3.0.0) | mod_status (3.0.0) | mod_logged (3.0.0) | mod_popular (3.0.0) | mod_submenu (3.0.0) | K2 Stats (admin) (2.6.8) | mod_multilangstatus (3.0.0) | mod_login (3.0.0) | mod_toolbar (3.0.0) | mod_custom (3.0.0) | mod_title (3.0.0) | mod_latest (3.0.0) | mod_version (3.0.0) | K2 Quick Icons (admin) (2.6.8) | mod_quickicon (3.0.0) | mod_feed (3.0.0) |
Plugins :: SITE :: plg_editors-xtd_readmore (3.0.0) | plg_editors-xtd_pagebreak (3.0.0) | plg_editors-xtd_image (3.0.0) | HikaShop Product TAG insertion (2.3.5) | plg_editors-xtd_article (3.0.0) | Search - Hikashop Products (2.3.5) | plg_search_tags (3.0.0) | plg_search_content (3.0.0) | Search - K2 (2.6.8) | plg_search_categories (3.0.0) | plg_search_weblinks (3.0.0) | plg_search_contacts (3.0.0) | Search - Hikashop Categories/M (2.3.5) | plg_search_newsfeeds (3.0.0) | plg_user_profile (3.0.0) | User - K2 (2.6.8) | jNews User Synchronization (2.1) | plg_user_contactcreator (3.0.0) | plg_user_joomla (3.0.0) | plg_authentication_gmail (3.0.0) | plg_authentication_cookie (3.0.0) | plg_authentication_ldap (3.0.0) | plg_authentication_joomla (3.0.0) | plg_twofactorauth_yubikey (3.2.0) | plg_twofactorauth_totp (3.2.0) | plg_captcha_recaptcha (3.4.0) | HikaShop: Date Picker Custom F (2.3.5) | Hikashop - Kashflow invoice sy (2.3.5) | Hikashop Massaction Product Pl (2.3.5) | Hikashop History Plugin (2.3.5) | Hikashop Massaction Category P (2.3.5) | Hikashop Massaction User Plugi (2.3.5) | HikaShop Shipping Manual - Pri (2.3.5) | Hikashop User account Plugin (2.3.5) | Hikashop Massaction Order Plug (2.3.5) | Hikashop TaxCloud Plugin (2.3.5) | Hikashop Validate free order P (2.3.5) | Hikashop Massaction Address Pl (2.3.5) | plg_editors_tinymce (4.1.7) | plg_editors_jce (2.4.2) | plg_editors_codemirror (5.0) | plg_content_pagebreak (3.0.0) | plg_content_pagenavigation (3.0.0) | plg_content_emailcloak (3.0.0) | plg_content_finder (3.0.0) | plg_content_loadmodule (3.0.0) | plg_content_joomla (3.0.0) | plg_content_vote (3.0.0) | Josetta - K2 Categories (2.6.8) | Josetta - K2 Items (2.6.8) | jNews Content Bot (2.6) | jNews Share Bot (2.1) | jNews Tag: Date and Time (2.1) | jNews K2 Bot (2.1) | jNews Tag: Subscriber (2.1) | jNews Forward to Friend (2.1) | jNews Tag: Site Links (2.1) | jNews Tag: Subscriptions (2.1) | plg_extension_joomla (3.0.0) | Hikashop Paypal Advanced payme (2.3.5) | Hikashop Alipay Payment Plugin (2.3.5) | Hikashop payfast Payment Plugi (1.0) | Hikashop Worldpay Global Gatew (2.3.5) | Hikashop Google Checkout Payme (2.3.5) | Hikashop Credit Card Payment P (2.3.5) | Hikashop Beanstream Payment Pl (2.3.5) | Hikashop googlewallet Payment (1.0) | Hikashop eSelect Payment Plugi (2.3.5) | Hikashop adyen Payment Plugin (1.0) | Hikashop PayJunction Payment P (2.3.5) | Hikashop Paypal Pro Payment Pl (2.3.5) | Hikashop Paypal Payment Plugin (2.3.5) | Hikashop SOFORT Payment Plugin (2.3.5) | Hikashop PayPlug payment plugi (2.3.5) | Hikashop Paybox Plugin (2.3.5) | Hikashop Bank Transfer Payment (2.3.5) | Hikashop eWAY Payment Plugin (2.3.5) | Hikashop iVeri Payment Plugin (2.3.5) | Hikashop SIPS ATOS Payment Plu (2.3.5) | Hikashop Moneybookers Payment (2.3.5) | Hikashop HSBC Payment Plugin (2.3.5) | Hikashop ePay Payment Plugin (2.3.5) | Hikashop Authorize.net Payment (2.3.5) | Hikashop Paygate Payment Plugi (2.3.5) | Hikashop iPayDNA Payment Plugi (2.3.5) | Hikashop FirstData Payment Plu (2.3.5) | Hikashop Servired Payment Plug (2.3.5) | Hikashop CECA Payment Plugin (2.3.5) | Hikashop Western Union Payment (2.3.5) | Hikashop BitCoin Payment Plugi (1.0.0) | Hikashop Nets NETAXEPT Payment (2.3.5) | Hikashop Payment Express Payme (2.3.5) | Hikashop CardSave Payment Plug (2.3.5) | Hikashop Payza Payment Plugin (2.3.5) | Hikashop Stripe Payment Plugin (2.3.5) | Hikashop Purchase Order Paymen (2.3.5) | Hikashop Collect On Delivery P (2.3.5) | HikaShop Netgiro payment plugi (2.3.5) | Hikashop Borgun payment plugin (2.3.5) | Hikashop Platron Payment Plugi (2.3.5) | Hikashop Common Joomla Payment (2.3.5) | Hikashop Be2Bill Payment Plugi (2.3.5) | Hikashop PaymentExpress (PxPay (2.3.5) | Hikashop WorldNetTPS Payment P (2.3.5) | Hikashop Bluepaid Payment Plug (2.3.5) | Ogone Payment Plugin (2.3.5) | Hikashop CyberMuth CIC Payment (2.3.5) | Hikashop MasterCard Internet G (2.3.5) | Hikashop Virtual Merchant (Ela (2.3.5) | Hikashop Postfinance Payment P (2.3.5) | Hikashop Amazon Payment Plugin (2.3.5) | Hikashop Innovative Gateway Pa (2.3.5) | Hikashop Check Payment Plugin (2.3.5) | Hikashop Paypal Express Checko (1.0.0) | Hikashop OKPay Payment Plugin (2.3.5) | Hikashop SagePay Payment Plugi (2.3.5) | Hikashop WorldPay Business Gat (2.3.5) | plg_finder_tags (3.0.0) | plg_finder_content (3.0.0) | plg_finder_k2 (2.6.8) | plg_finder_categories (3.0.0) | plg_finder_weblinks (3.0.0) | plg_finder_contacts (3.0.0) | plg_finder_newsfeeds (3.0.0) | plg_system_p3p (3.0.0) | plg_system_debug (3.0.0) | HikaShop tax calculations over (2.3.5) | HikaShop Google Dynamic Remark (2.3.5) | plg_system_languagecode (3.0.0) | System - HikaShop Mass Action (2.3.5) | User - HikaShop (2.3.5) | System - K2 (2.6.8) | plg_system_sef (3.0.0) | plg_system_redirect (3.0.0) | plg_system_highlight (3.0.0) | Hikashop - Redshop Fallback Re (2.3.5) | Hikashop no SSL outside checko (2.3.5) | System - Hikashop Social Plugi (2.3.5) | Hikashop Product Tag (2.3.5) | Hikashop - Mijoshop Fallback R (2.3.5) | Hikashop - VirtueMart Fallback (2.3.5) | plg_system_languagefilter (3.0.0) | plg_system_log (3.0.0) | plg_system_remember (3.0.0) | Hikashop Registration Redirect (2.3.5) | HikaShop Product TAG translati (2.3.5) | plg_system_logout (3.0.0) | PLG_EASYJOOMLABACKUPCRONJOB (3-4) | plg_system_cache (3.0.0) | Creative Image Slider (2.0.0) | plg_quickicon_extensionupdate (3.0.0) | plg_quickicon_jcefilebrowser (2.4.2) | plg_quickicon_joomlaupdate (3.0.0) | plg_installer_webinstaller (1.0.5) | Hikashop Envoimoinscher Shippi (2.3.5) | Hikashop CANPAR Shipping Plugi (1.0.0) | Hikashop FedEx Shipping Plugin (2.3.5) | Hikashop Manual Shipping Plugi (2.3.5) | Hikashop USPS Shipping Plugin (2.3.5) | Hikashop Australia Post eDeliv (2.3.5) | Hikashop UPS Shipping Plugin (2.3.5) | Hikashop CANADA POST Shipping (2.3.5) |
Templates Discovered :: wrote:Templates :: SITE :: beez3 (3.1.0) | FavouriteDark (1.2) | protostar (1.0) |
Templates :: ADMIN :: hathor (3.0.0) | isis (1.0) |
Last edited by mandville on Sun Mar 29, 2015 6:35 pm, edited 1 time in total.
Reason: reformatted for readability
Reason: reformatted for readability
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: My website redirects to Malware. Pc and browser clean
could the virus checkers you are using not notice that the malware is actually a program, a BHO?
what do your htaccess looks like? is there a redirect in them?
you have serious permission issues with the 777.' it is best to follow checklist 7 - safe route to recovery
what do your htaccess looks like? is there a redirect in them?
you have serious permission issues with the 777.' it is best to follow checklist 7 - safe route to recovery
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
Re: My website redirects to Malware. Pc and browser clean
I have no idea what a BHO is,could you explain me please? . Malwarebytes did uninstall 2 programs but the problem is still there.
I attached a screenshot of what the htaccess looks like. I am not sure if i got it right? What i found is not a folder but just a item that does not contain anything inside it.
What is a permission issue 777? Where is checklist 7 ?
As i mentioned (and as you probably can see ) i am an amateur.
I attached a screenshot of what the htaccess looks like. I am not sure if i got it right? What i found is not a folder but just a item that does not contain anything inside it.
What is a permission issue 777? Where is checklist 7 ?
As i mentioned (and as you probably can see ) i am an amateur.
You do not have the required permissions to view the files attached to this post.
- leolam
- Joomla! Master
- Posts: 20652
- Joined: Mon Aug 29, 2005 10:17 am
- Location: Netherlands/ Germany/ S'pore/Bogor/ North America
- Contact:
Re: My website redirects to Malware. Pc and browser clean
http://en.wikipedia.org/wiki/Browser_Helper_Object is where Mandville refers at. ( BHOs are installed on your computer(!) by an outside software program)
Mandville asked you to post the content of the htaccess file here and not the file-structure.
Regarding permissions. Folders should always be '755' and files always '644'. Having folders and files on '777' is similar of going shopping while leaving your doors wide open and being amaze that when you return your home is empty.....https://docs.joomla.org/How_do_UNIX_fil ... ns_work%3F
Also fully outdated and not up-to-date extensions. To mention a few JCE/K2/Hikashop
So simply stated if you maintain your site insufficiently and you do not keep all upgraded you ask for problems
https://docs.joomla.org/Security_Checklist
Leo
Mandville asked you to post the content of the htaccess file here and not the file-structure.
Regarding permissions. Folders should always be '755' and files always '644'. Having folders and files on '777' is similar of going shopping while leaving your doors wide open and being amaze that when you return your home is empty.....https://docs.joomla.org/How_do_UNIX_fil ... ns_work%3F
Also fully outdated and not up-to-date extensions. To mention a few JCE/K2/Hikashop
So simply stated if you maintain your site insufficiently and you do not keep all upgraded you ask for problems
https://docs.joomla.org/Security_Checklist
Leo
Joomla's #1 Professional Services Provider:
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
#Joomla Professional Support: https://gws-desk.com -
#Joomla Specialized Hosting Solutions: https://gws-host.com -
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
Re: My website redirects to Malware. Pc and browser clean
Hi Leo.leolam wrote:http://en.wikipedia.org/wiki/Browser_Helper_Object is where Mandville refers at. ( BHOs are installed on your computer(!) by an outside software program)
Mandville asked you to post the content of the htaccess file here and not the file-structure.
Regarding permissions. Folders should always be '755' and files always '644'. Having folders and files on '777' is similar of going shopping while leaving your doors wide open and being amaze that when you return your home is empty.....https://docs.joomla.org/How_do_UNIX_fil ... ns_work%3F
Also fully outdated and not up-to-date extensions. To mention a few JCE/K2/Hikashop
So simply stated if you maintain your site insufficiently and you do not keep all upgraded you ask for problems
https://docs.joomla.org/Security_Checklist
Leo
-Ok it all now makes sense. My antivirus has removed 3 BHOs that i had for quite a long time,without any problems on the pc or the website.
-I have attached the htaccess file so you be the Judges
-I have this idea that i think will help locating the infected file. If i won't change the file permissions to the correct values,i will be able to locate maybe where the infected file might be (according to what i understand it should be in a file with 777 permission) Or you think this is not the case and i should change it immediately?
-My Joomla control panel tells me that all my extentions are up to date .
You do not have the required permissions to view the files attached to this post.
- mandville
- Joomla! Master
- Posts: 15152
- Joined: Mon Mar 20, 2006 1:56 am
- Location: The Girly Side of Joomla in Sussex
Re: My website redirects to Malware. Pc and browser clean
not all extensions will use the updater tool, go to extension manager and purcge the cache then find updates.
i briefly looked at the main three
K2 Version: 2.6.9
HikaShop Version: 2.4.0
JCE Version: 2.4.6
i briefly looked at the main three
K2 Version: 2.6.9
HikaShop Version: 2.4.0
JCE Version: 2.4.6
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
Re: My website redirects to Malware. Pc and browser clean
Ok. I have deleted 2 of them (because i dont use them) ,and i have updated the other one!mandville wrote:not all extensions will use the updater tool, go to extension manager and purcge the cache then find updates.
i briefly looked at the main three
K2 Version: 2.6.9
HikaShop Version: 2.4.0
JCE Version: 2.4.6
What should i do next?
-
- Joomla! Enthusiast
- Posts: 172
- Joined: Tue Aug 19, 2014 11:21 am
Re: My website redirects to Malware. Pc and browser clean
Do you think that if i delete the website,and then restore a backup i have from a month ago would be the safest-easiest thing to do ?mandville wrote:not all extensions will use the updater tool, go to extension manager and purcge the cache then find updates.
i briefly looked at the main three
K2 Version: 2.6.9
HikaShop Version: 2.4.0
JCE Version: 2.4.6