Infested links? Topic is solved

Discussion regarding Joomla! 3.x security issues.

Moderators: Bernard T, mandville, fcoulter, PhilD, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
Post Reply
MastaChu
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Mon Oct 30, 2006 9:17 pm

Infested links?

Post by MastaChu » Thu Mar 28, 2019 8:49 pm

Hi all!
I ahve made fresh website from old one that was hacked...
New one is latest Joomla and Virtuemart.
About 700 products acting as an cataloque, cca 20 articles made for intro and usual info...

The client wants to do marketing via Google ads, and there is the problem.
Here is a answer from Google...
Infected and problematic links are;
http://iyf search.com/?dn=home -designer.eu&pid=9PO75 5G95, http://iyf search.com/px.js?ch=1, http://iyf search.com/px.js?ch=2, http://iyf search.com/sk-logabp status.php?a=K zVOY1RJZzd4ODUrbE9HaVJPQzlZbjV2MjNlVTR0VjBoSG1rcGZSZndLdjVrNTU0bmhMSFEwNnEzSEwxVHN4WjdLUW92RnByWGRlS09VcmJtSTMwWXc0WVNhWTdxTEFlZjVZTGVpTFM3cjg9&b=false
https://screenshot. googleplex.com/uqzGhAtbL3L
I cant find them on website.
Searched database and files for keywords but 0 results.
Files downloaded and scanned, 0 results.
I ahve no idea what to do, and Google is not helping, all info provided is right up here... :eek:
Last edited by imanickam on Sat Mar 30, 2019 12:30 pm, edited 1 time in total.
Reason: Broke the links that are listed as infected links

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 37463
Joined: Sat Apr 05, 2008 9:58 pm

Re: Infested links?

Post by Webdongle » Thu Mar 28, 2019 11:04 pm

http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"The definition of insanity is doing the same thing over and over again, but expecting different results": Albert Einstein

User avatar
leolam
Joomla! Master
Joomla! Master
Posts: 19740
Joined: Mon Aug 29, 2005 10:17 am
Location: Netherlands/ UK/ S'pore/Jakarta/ North America
Contact:

Re: Infested links?

Post by leolam » Sat Mar 30, 2019 7:35 am

What is the url of the site

Leo 8)
Joomla's #1 Professional Support Provider:
-> Joomla Professional Support: https://gws-desk.com -
-> Joomla Specialized Hosting Solutions: https://gws-host.com -
-> Joomla Webmaster Services: gws-webmaster.services

MastaChu
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Mon Oct 30, 2006 9:17 pm

Re: Infested links?

Post by MastaChu » Mon Apr 01, 2019 4:20 am

leolam wrote:
Sat Mar 30, 2019 7:35 am
What is the url of the site

Leo 8)
Here you go...

https://happyfloor-zagreb.com

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 37463
Joined: Sat Apr 05, 2008 9:58 pm

Re: Infested links?

Post by Webdongle » Mon Apr 01, 2019 8:51 am

https://sitecheck.sucuri.net shows clear. But your site could easily get compromised again for several reasons
1. Not deleting all the files and replacing them with fresh ones
2. Outdated software

viewtopic.php?f=806&t=969442 please
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"The definition of insanity is doing the same thing over and over again, but expecting different results": Albert Einstein

MastaChu
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Mon Oct 30, 2006 9:17 pm

Re: Infested links?

Post by MastaChu » Mon Apr 01, 2019 2:47 pm

Thanks.
I have done many tests online and local with downloaded website and found nothing.
It is hard to believe that malware is made with those links. It does not make sense but if they say that the links are somewhere please help me find them.
Only one thing is bothering me, if you google happyfloor and home-designer .eu you will get result...
Is it possible that google thinks on that link? The one on search engine that is linked nowhere but 404?
The old link: https://happyfloor-zagreb.com/dizajner.html On search https://www.google.com/search?ei=DiOiXL ... tFO7AGTUo4

Website was made frsh from start, only database and images were moved from old one, all was made locall...
Last edited by MastaChu on Mon Apr 01, 2019 3:04 pm, edited 2 times in total.

User avatar
toivo
Joomla! Master
Joomla! Master
Posts: 11478
Joined: Thu Feb 15, 2007 5:48 am
Location: Suzhou, China

Re: Infested links?

Post by toivo » Mon Apr 01, 2019 2:59 pm

Please follow the instructions and post the BBCode from the FPA, then remove the script from the website.
Toivo Talikka, Global Moderator

MastaChu
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Mon Oct 30, 2006 9:17 pm

Re: Infested links?

Post by MastaChu » Mon Apr 01, 2019 3:05 pm

Here u go...
Forum Post Assistant (v1.4.8 (koine)) : 1st April 2019 wrote:
Basic Environment :: wrote:Joomla! Instance :: Joomla! 3.9.4-Stable (Amani) 12-March-2019
Joomla! Platform :: Joomla Platform 13.1.0-Stable (Curiosity) 24-Apr-2013
Joomla! Configured :: Yes | Read-Only (444) | Owner: --protected-- . (uid: 1/gid: 1) | Group: --protected-- (gid: 1) | Valid For: 3.9
Configuration Options :: Offline: false | SEF: true | SEF Suffix: true | SEF ReWrite: true | .htaccess/web.config: Yes | GZip: true | Cache: true | CacheTime: 15 | CacheHandler: file | CachePlatformPrefix: true | FTP Layer: false | Proxy: false | LiveSite: | Session lifetime: 15 | Session handler: database | Shared sessions: false | SSL: 2 | Error Reporting: none | Site Debug: false | Language Debug: false | Default Access: 1 | Unicode Slugs: false | dbConnection Type: mysqli | PHP Supports J! 3.9.4: Yes | Database Supports J! 3.9.4: Yes | Database Credentials Present: Yes |

Host Configuration :: OS: Linux | OS Version: 2.6.32-954.3.5.lve1.4.61.el6.x86_64 | Technology: x86_64 | Web Server: Apache | Encoding: gzip, deflate | Doc Root: --protected-- | System TMP Writable: Yes | Free Disk Space : 87.90 GiB |

PHP Configuration :: Version: 7.3.3 | PHP API: cgi-fcgi | Session Path Writable: Yes | Display Errors: | Error Reporting: 32767 | Log Errors To: error_log | Last Known Error: | Register Globals: | Magic Quotes: | Safe Mode: | Open Base: | Uploads: 1 | Max. Upload Size: 12M | Max. POST Size: 18M | Max. Input Time: 60 | Max. Execution Time: 30 | Memory Limit: 128M

Database Configuration :: Version: 5.6.43 (Client:5.6.43) | Host: --protected-- (--protected--) | default Collation: latin1_swedish_ci (default Character Set: latin1) | Database Size: 52.03 MiB | #of Tables:  268
Detailed Environment :: wrote:PHP Extensions :: Core (7.3.3) | date (7.3.3) | libxml (7.3.3) | openssl (7.3.3) | pcre (7.3.3) | sqlite3 (7.3.3) | zlib (7.3.3) | bz2 (7.3.3) | calendar (7.3.3) | ctype (7.3.3) | curl (7.3.3) | hash (7.3.3) | filter (7.3.3) | ftp (7.3.3) | gettext (7.3.3) | gmp (7.3.3) | SPL (7.3.3) | iconv (7.3.3) | pcntl (7.3.3) | readline (7.3.3) | Reflection (7.3.3) | session (7.3.3) | standard (7.3.3) | shmop (7.3.3) | SimpleXML (7.3.3) | mbstring (7.3.3) | tokenizer (7.3.3) | xml (7.3.3) | cgi-fcgi () | Phar (7.3.3) | bcmath (7.3.3) | posix (7.3.3) | dba (7.3.3) | imap (7.3.3) | pspell (7.3.3) | dom (20031129) | wddx (7.3.3) | intl (7.3.3) | enchant (7.3.3) | snmp (7.3.3) | xmlreader (7.3.3) | fileinfo (7.3.3) | json (1.7.0) | PDO (7.3.3) | soap (7.3.3) | xmlrpc (7.3.3) | gd (7.3.3) | ldap (7.3.3) | sockets (7.3.3) | xmlwriter (7.3.3) | xsl (7.3.3) | exif (7.3.3) | pdo_mysql (7.3.3) | sysvmsg (7.3.3) | zip (1.15.4) | sysvsem (7.3.3) | mysqli (7.3.3) | pdo_pgsql (7.3.3) | sysvshm (7.3.3) | mysqlnd (mysqlnd 5.0.12-dev - 20150407 - $Id: 7cc7cc96e675f6d72e5cf0f267f48e167c2abb23 $) | pdo_sqlite (7.3.3) | ionCube Loader () | Zend Engine (3.3.3) |
Potential Missing Extensions ::

Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: Yes | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: No
Folder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) | administrator/logs/ (755) |

Elevated Permissions (First 10) ::
Database Information :: wrote:Database statistics :: Uptime: 365418 | Threads: 3 | Questions: 164951827 | Slow queries: 6944 | Opens: 40085817 | Flush tables: 1 | Open tables: 2000 | Queries per second avg: 451.405 |
Extensions Discovered :: wrote:Components :: SITE ::
Core :: com_wrapper (3.0.0) 1 | com_mailto (3.0.0) 1 |
3rd Party:: WF_POPUPS_JCEMEDIABOX_TITLE (2.6.38) ? | WF_POPUPS_WINDOW_TITLE (2.6.38) ? | WF_FILESYSTEM_JOOMLA_TITLE (2.6.38) ? | WF_AGGREGATOR_DAILYMOTION_TITLE (2.6.38) ? | WF_AGGREGATOR_VIMEO_TITLE (2.6.38) ? | WF_AGGREGATOR_[youtube]_TITLE (2.6.38) ? | WF_AGGREGATOR_VINE_TITLE (2.6.38) ? | WF_LINK_SEARCH_TITLE (2.6.38) ? | WF_LINKS_JOOMLALINKS_TITLE (2.6.38) ? | WF_LISTS_TITLE (2.6.38) ? | WF_AUTOSAVE_TITLE (2.6.38) ? | WF_DIRECTIONALITY_TITLE (2.6.38) ? | WF_CLEANUP_TITLE (2.6.38) ? | WF_BROWSER_TITLE (2.6.38) ? | WF_STYLE_TITLE (2.6.38) ? | WF_IMGMANAGER_TITLE (2.6.38) ? | WF_TABLE_TITLE (2.6.38) ? | WF_LAYER_TITLE (2.6.38) ? | WF_VISUALCHARS_TITLE (2.6.38) ? | WF_FONTSELECT_TITLE (2.6.38) ? | WF_FULLSCREEN_TITLE (2.6.38) ? | WF_LINK_TITLE (2.6.38) ? | WF_NONBREAKING_TITLE (2.6.38) ? | WF_ANCHOR_TITLE (2.6.38) ? | WF_ARTICLE_TITLE (2.6.38) ? | WF_INLINEPOPUPS_TITLE (2.6.38) ? | WF_CLIPBOARD_TITLE (2.6.38) ? | WF_PREVIEW_TITLE (2.6.38) ? | WF_STYLESELECT_TITLE (2.6.38) ? | WF_XHTMLXTRAS_TITLE (2.6.38) ? | WF_PRINT_TITLE (2.6.38) ? | WF_EMOTIONS_TITLE (2.6.38) ? | WF_SPELLCHECKER_TITLE (2.6.38) ? | WF_SEARCHREPLACE_TITLE (2.6.38) ? | WF_FORMATSELECT_TITLE (2.6.38) ? | WF_HR_TITLE (2.6.38) ? | WF_KITCHENSINK_TITLE (2.6.38) ? | WF_VISUALBLOCKS_TITLE (2.6.38) ? | WF_TEXTCASE_TITLE (2.6.38) ? | WF_SOURCE_TITLE (2.6.38) ? | WF_FONTSIZESELECT_TITLE (2.6.38) ? | WF_CONTEXTMENU_TITLE (2.6.38) ? | WF_FONTCOLOR_TITLE (2.6.38) ? | WF_MEDIA_TITLE (2.6.38) ? | WF_CHARMAP_TITLE (2.6.38) ? |

Components :: ADMIN ::
Core :: com_plugins (3.0.0) 1 | com_search (3.0.0) 1 | com_checkin (3.0.0) 1 | com_tags (3.1.0) 1 | com_actionlogs (3.9.0) 1 | com_users (3.0.0) 1 | com_banners (3.0.0) 1 | com_ajax (3.2.0) 1 | com_contenthistory (3.2.0) 1 | com_joomlaupdate (3.6.2) 1 | com_fields (3.7.0) 1 | com_cpanel (3.0.0) 1 | com_categories (3.0.0) 1 | com_languages (3.0.0) 1 | com_associations (3.7.0) 1 | com_config (3.0.0) 1 | com_templates (3.0.0) 1 | com_login (3.0.0) 1 | com_menus (3.0.0) 1 | com_redirect (3.0.0) 1 | com_media (3.0.0) 1 | com_modules (3.0.0) 1 | com_admin (3.0.0) 1 | com_finder (3.0.0) 1 | com_postinstall (3.2.0) 1 | com_newsfeeds (3.0.0) 1 | com_privacy (3.9.0) 1 | com_messages (3.0.0) 1 | com_cache (3.0.0) 1 | com_installer (3.0.0) 1 | com_content (3.0.0) 1 |
3rd Party:: COM_FORMMAKER (3.6.15) 1 | JCH Optimize (5.4.2) 1 | com_jabuilder (1.0.7) 1 | Securitycheck Pro (3.1.5) 1 | VIRTUEMART (-) 1 | ECB Currency Converter (1.0) ? | Eyesite (5.06) 1 | VirtueMart_allinone (-) 1 | COM_OSGALLERY (4.5.16 Light) 1 | JotCache (6.2.1) 1 | Akeeba (6.4.2.1) 1 | tcpdf (1.0.5) 1 | AcyMailing Tag : Manage the Subscri (5.10.2) ? | AcyMailing JCE integration (5.10.2) ? | AcyMailing Tag : Website links (3.7.0) 1 | AcyMailing Tag : Date / Time (5.10.2) 1 | AcyMailing : Statistics Plugin (3.7.0) 1 | AcyMailing Template Class Replacer (5.10.2) 1 | AcyMailing : trigger Joomla Content (3.7.0) ? | AcyMailing Module (3.7.0) 1 | AcyMailing Tag : Joomla User Inform (5.10.2) ? | AcyMailing : share on social networ (1.0.0) ? | AcyMailing : (auto)Subscribe during (5.10.2) ? | AcyMailing Editor (5.10.2) 1 | AcyMailing table of contents genera (1.0.0) ? | AcyMailing Manage text (1.0.0) 1 | AcyMailing Tag : Subscriber informa (5.10.2) ? | AcyMailing Tag : content insertion (3.7.0) 1 | AcyMailing (5.10.4) 1 | com_jaextmanager (2.6.5) 1 | com_jaextmanager (2.5.3) 1 | COM_JCE (2.6.38) 1 |

Modules :: SITE ::
Core :: mod_finder (3.0.0) 1 | mod_random_image (3.0.0) 1 | mod_articles_archive (3.0.0) 1 | mod_articles_category (3.0.0) 1 | mod_stats (3.0.0) 1 | mod_articles_news (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_footer (3.0.0) 1 | mod_search (3.0.0) 1 | mod_articles_latest (3.0.0) 1 | mod_syndicate (3.0.0) 1 | mod_wrapper (3.0.0) 1 | mod_login (3.0.0) 1 | mod_breadcrumbs (3.0.0) 1 | mod_tags_similar (3.1.0) 1 | mod_articles_categories (3.0.0) 1 | mod_whosonline (3.0.0) 1 | mod_languages (3.5.0) 1 | mod_users_latest (3.0.0) 1 | mod_menu (3.0.0) 1 | mod_related_items (3.0.0) 1 | mod_articles_popular (3.0.0) 1 | mod_banners (3.0.0) 1 | mod_custom (3.0.0) 1 | mod_tags_popular (3.1.0) 1 |
3rd Party:: mod_virtuemart_product (3.4.2) 1 | MOD_JA_ACM (2.1.4) 1 | mod_weather_gk4 (1.8.0) 1 | mod_virtuemart_currencies (3.4.2) 1 | JA Masthead (1.0.5) 1 | AcyMailing Module (3.7.0) 1 | JA VM Products (1.0.5) 1 | mod_virtuemart_search (3.4.2) 1 | JS Facebook Likebox Slider (6.2.0) 1 | mod_virtuemart_manufacturer (3.4.2) 1 | mod_virtuemart_category (3.4.2) 1 | mod_virtuemart_cart (3.4.2) 1 | Form Maker Module (3.6.15) 1 |

Modules :: ADMIN ::
Core :: mod_submenu (3.0.0) 1 | mod_feed (3.0.0) 1 | mod_version (3.0.0) 1 | mod_quickicon (3.0.0) 1 | mod_stats_admin (3.0.0) 1 | mod_privacy_dashboard (3.9.0) 1 | mod_popular (3.0.0) 1 | mod_login (3.0.0) 1 | mod_status (3.0.0) 1 | mod_logged (3.0.0) 1 | mod_toolbar (3.0.0) 1 | mod_sampledata (3.8.0) 1 | mod_title (3.0.0) 1 | mod_menu (3.0.0) 1 | mod_multilangstatus (3.0.0) 1 | mod_custom (3.0.0) 1 | mod_latestactions (3.9.0) 1 | mod_latest (3.0.0) 1 |
3rd Party:: JA Builder Quick Icons (1.0.1) 1 | JA Builder Admin Menu (1.0.0) 1 | VirtueMart Administrator Menu (3.4.2) 1 | Securitycheck Pro Info Module (3.1.5) 1 |

Libraries :: SITE ::
Core ::
3rd Party:: file_fof30 (3.4.2) ? | Free Mono (-) ? | Helvetica (-) ? |

Plugins :: SITE ::
Core :: plg_finder_contacts (3.0.0) 1 | plg_finder_content (3.0.0) 1 | plg_finder_newsfeeds (3.0.0) 1 | plg_finder_categories (3.0.0) 1 | plg_finder_tags (3.0.0) 1 | plg_twofactorauth_totp (3.2.0) 0 | plg_twofactorauth_yubikey (3.2.0) 0 | plg_extension_joomla (3.0.0) 1 | plg_system_highlight (3.0.0) 1 | plg_system_logrotation (3.9.0) 1 | plg_system_sessiongc (3.8.6) 1 | plg_system_sef (3.0.0) 1 | plg_system_languagecode (3.0.0) 0 | plg_system_languagefilter (3.0.0) 0 | PLG_SYSTEM_ACTIONLOGS (3.9.0) 1 | plg_system_privacyconsent (3.9.0) 0 | plg_system_cache (3.0.0) 0 | plg_system_remember (3.0.0) 1 | plg_system_fields (3.7.0) 1 | plg_system_debug (3.0.0) 1 | plg_system_redirect (3.0.0) 0 | plg_system_updatenotification (3.5.0) 1 | plg_system_logout (3.0.0) 1 | plg_system_stats (3.5.0) 1 | plg_system_log (3.0.0) 1 | plg_system_p3p (3.0.0) 0 | plg_editors-xtd_menu (3.7.0) 1 | plg_editors-xtd_article (3.0.0) 1 | plg_editors-xtd_pagebreak (3.0.0) 1 | plg_editors-xtd_fields (3.7.0) 1 | plg_editors-xtd_readmore (3.0.0) 1 | plg_editors-xtd_module (3.5.0) 1 | plg_editors-xtd_image (3.0.0) 1 | plg_user_joomla (3.0.0) 1 | plg_user_profile (3.0.0) 0 | plg_user_contactcreator (3.0.0) 0 | plg_user_terms (3.9.0) 0 | plg_content_joomla (3.0.0) 1 | plg_content_finder (3.0.0) 0 | plg_content_vote (3.0.0) 0 | plg_content_emailcloak (3.0.0) 1 | plg_content_pagenavigation (3.0.0) 1 | plg_content_pagebreak (3.0.0) 1 | plg_content_fields (3.7.0) 1 | plg_content_loadmodule (3.0.0) 1 | plg_content_confirmconsent (3.9.0) 0 | plg_fields_text (3.7.0) 1 | plg_fields_calendar (3.7.0) 1 | plg_fields_repeatable (3.9.0) 1 | plg_fields_textarea (3.7.0) 1 | plg_fields_imagelist (3.7.0) 1 | plg_fields_user (3.7.0) 1 | plg_fields_sql (3.7.0) 1 | plg_fields_checkboxes (3.7.0) 1 | plg_fields_editor (3.7.0) 1 | plg_fields_integer (3.7.0) 1 | plg_fields_color (3.7.0) 1 | plg_fields_url (3.7.0) 1 | plg_fields_list (3.7.0) 1 | plg_fields_media (3.7.0) 1 | plg_fields_usergrouplist (3.7.0) 1 | plg_fields_radio (3.7.0) 1 | plg_authentication_joomla (3.0.0) 1 | plg_authentication_cookie (3.0.0) 1 | plg_authentication_ldap (3.0.0) 0 | plg_authentication_gmail (3.0.0) 0 | PLG_ACTIONLOG_JOOMLA (3.9.0) 1 | plg_privacy_consents (3.9.0) 1 | plg_privacy_actionlogs (3.9.0) 1 | plg_privacy_user (3.9.0) 1 | plg_privacy_content (3.9.0) 1 | plg_privacy_message (3.9.0) 1 | plg_quickicon_privacycheck (3.9.0) 1 | plg_quickicon_phpversioncheck (3.7.0) 1 | plg_quickicon_extensionupdate (3.0.0) 1 | plg_quickicon_joomlaupdate (3.0.0) 1 | plg_search_contacts (3.0.0) 1 | plg_search_content (3.0.0) 1 | plg_search_newsfeeds (3.0.0) 1 | plg_search_categories (3.0.0) 1 | plg_search_tags (3.0.0) 1 | plg_installer_webinstaller (2.0.0-beta) 1 | PLG_INSTALLER_URLINSTALLER (3.6.0) 1 | PLG_INSTALLER_FOLDERINSTALLER (3.6.0) 1 | plg_installer_packageinstaller (3.6.0) 1 | plg_captcha_recaptcha_invisible (3.8) 0 | plg_captcha_recaptcha (3.4.0) 1 |
3rd Party:: plg_extension_jce (2.6.38) 1 | plg_editors_tinymce (4.5.9) 1 | AcyMailing Editor (5.10.4) 1 | plg_editors_codemirror (5.40.0) 1 | plg_editors_jce (2.6.38) 1 | VMCustom - textinput (3.4.2) ? | plgvm_specification (3.4.2) 1 | By weight, ZIP and countries (3.4.2) 1 | System - url Inspector (3.1.5) 0 | PLG_SYSTEM_BACKUPONUPDATE (6.4.2.1) 0 | plg_vm_route (2.5.0) ? | System - JCE MediaBox (1.2.9) 0 | PLG_JSCSSCONTROL (3.2.1) 0 | Hikashop - VirtueMart Fallback Redi (3.4.0) ? | System - JA Google Map (2.6.5) 1 | Hikashop - Redshop Fallback Redirec (3.4.0) ? | CookieHint (1.3.7) 1 | manage.myJoomla.com Secure Plugin (n/a) 1 | JotMarker (6.2.1) 1 | PLG_SYSTEM_AKEEBAACTIONLOG (6.4.2.1) 0 | PLG_SYSTEM_AKEEBAUPDATECHECK (6.4.2.1) 0 | OS Gallery System (3.2.6) 1 | System - Securitycheck Pro (3.1.5) 1 | PLG_SYSTEM_JCH_OPTIMIZE (5.4.2) 0 | JUB (1.1.6) 0 | Canonical Links (3.46) 1 | T3 Framework (2.7.4) 1 | System - Securitycheck Pro Cron (3.1.5) 0 | JotCache (6.2.1) 1 | plg_system_virtuemart (1.0.0) 0 | PLG_LAZYLOADFORJOOMLA (3.4.0) 0 | AMAZON (3.4.2) 0 | VM Framework Loader during Plugin U (1.0) ? | System - JA Content Type (1.0.4) 1 | plg_system_jce (2.6.38) 1 | AcyMailing : (auto)Subscribe during (5.10.4) ? | VM Payment - klikandpay (3.4.2) ? | Klarna (3.4.2) 0 | VM Payment - eway (3.4.2) 0 | VM Payment - Paybox (3.4.2) 0 | Sofort (3.4.2) 0 | Sofort Ideal (3.4.2) 0 | realex_hpp_api (3.4.2) 0 | Standard (3.4.2) 1 | Klarna Checkout (3.4.2) 0 | Authorize.net AIM (3.4.2) 0 | Skrill (3.4.2) 0 | 2Checkout (3.4.2) 0 | AMAZON (3.4.2) 0 | Heidelpay (16.11.07) 0 | PayPal (3.4.2) 1 | Crawler Extended (6.2.1) 1 | Crawler (6.2.1) 1 | Recache (6.2.1) 1 | JotLoadmodule (6.2.1) 0 | Simple Image Gallery (by JoomlaWork (3.6.0) ? | Simple Image Gallery (by JoomlaWork (3.6.0) ? | plg_content_jce (2.6.38) 1 | AllVideos (by JoomlaWorks) (4.8.0) 0 | AllVideos (by JoomlaWorks) (4.8.0) 0 | Content - Load Form Maker (3.6.15) 1 | plg_fields_mediajce (2.6.38) 1 | AcyMailing Template Class Replacer (5.10.4) 1 | AcyMailing Tag : Website links (3.7.0) 1 | AcyMailing Tag : Subscriber informa (5.10.4) ? | AcyMailing Manage text (1.0.0) 1 | AcyMailing Tag : Manage the Subscri (5.10.4) ? | AcyMailing Tag : Joomla User Inform (5.10.4) ? | AcyMailing Tag : content insertion (3.7.0) 1 | AcyMailing : trigger Joomla Content (3.7.0) ? | AcyMailing : Statistics Plugin (3.7.0) 1 | AcyMailing : share on social networ (1.0.0) ? | AcyMailing Tag : Date / Time (5.10.4) 1 | AcyMailing table of contents genera (1.0.0) ? | VM - Calculation Avalara Tax (3.4.2) ? | plg_quickicon_akeebabackup (6.4.2.1) 1 | plg_quickicon_jce (2.6.38) 1 | Search - VirtueMart (3.4.2) 0 | Installer - Securitycheck Pro (3.1.5) 1 | plg_installer_jce (2.6.38) 1 | eway (3.4.2) 0 | Realex_hpp_api (3.4.2) 0 |
Templates Discovered :: wrote:Templates :: SITE :: beez3 (3.1.0) 1 | protostar (1.0) 1 | vmbeez3 (3.2.0) 1 | ja_shoe (1.0.5) 1 |
Templates :: ADMIN :: isis (1.0) 1 | hathor (3.0.0) 1 |
Last edited by toivo on Mon Apr 01, 2019 3:36 pm, edited 1 time in total.
Reason: mod note: disabled smilies in post Options for readability

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 37463
Joined: Sat Apr 05, 2008 9:58 pm

Re: Infested links?

Post by Webdongle » Mon Apr 01, 2019 3:32 pm

You have an old version of Form Maker ... previous versions were hackable.
jabuilder is old
AcyMailing looks like an older version
You have two versions of com_jaextmanager
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"The definition of insanity is doing the same thing over and over again, but expecting different results": Albert Einstein

MastaChu
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Mon Oct 30, 2006 9:17 pm

Re: Infested links?

Post by MastaChu » Mon Apr 01, 2019 4:19 pm

Webdongle wrote:
Mon Apr 01, 2019 3:32 pm
You have an old version of Form Maker ... previous versions were hackable.
jabuilder is old
AcyMailing looks like an older version
You have two versions of com_jaextmanager
Thanks, website was made locally, than uploaded online.
Updates and removal have been done.
But i really doubt that someone has made hack and put links somewhere noone can find them and those links are not about viagra or something...
What bothers me most is it possible tah Google has some cashe of old website and still thinks that the new one is infected?

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 37463
Joined: Sat Apr 05, 2008 9:58 pm

Re: Infested links?

Post by Webdongle » Mon Apr 01, 2019 5:10 pm

MastaChu wrote:
Mon Apr 01, 2019 4:19 pm
...
But i really doubt that someone has made hack and put links somewhere noone can find them and those links are not about viagra or something...
Yes they do that's why you need to delete all your files or have a professional sort your site out. That is why my first reply said
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"The definition of insanity is doing the same thing over and over again, but expecting different results": Albert Einstein

User avatar
Per Yngve Berg
Joomla! Master
Joomla! Master
Posts: 26141
Joined: Mon Oct 27, 2008 9:27 pm
Location: Akershus, Norway

Re: Infested links?

Post by Per Yngve Berg » Mon Apr 01, 2019 7:47 pm

Have you replaced .htaccess with a fresh htaccess.txt file?

MastaChu
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Mon Oct 30, 2006 9:17 pm

Re: Infested links?

Post by MastaChu » Mon Apr 01, 2019 8:12 pm

Per Yngve Berg wrote:
Mon Apr 01, 2019 7:47 pm
Have you replaced .htaccess with a fresh htaccess.txt file?
No, but i have checked it...

MastaChu
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Mon Oct 30, 2006 9:17 pm

Re: Infested links?

Post by MastaChu » Mon Apr 01, 2019 8:14 pm

Anyone knows how to see or where to look to see outgoing links from mine website?

User avatar
Webdongle
Joomla! Master
Joomla! Master
Posts: 37463
Joined: Sat Apr 05, 2008 9:58 pm

Re: Infested links?

Post by Webdongle » Mon Apr 01, 2019 9:00 pm

MastaChu wrote:
Mon Apr 01, 2019 8:14 pm
Anyone knows how to see or where to look to see outgoing links from mine website?
https://manage.myjoomla.com/en/register/ will check your site
http://www.weblinksonline.co.uk/
https://www.weblinksonline.co.uk/updating-joomla.html
"The definition of insanity is doing the same thing over and over again, but expecting different results": Albert Einstein

MastaChu
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Mon Oct 30, 2006 9:17 pm

Re: Infested links?

Post by MastaChu » Wed Apr 03, 2019 4:20 am

Good news people...
The client has his ads approved by Google...
Now we will never knw what happened but i think the reason is Google cache...
Thank you all for taking time to read and answer me.
Wish you all the best...

User avatar
Per Yngve Berg
Joomla! Master
Joomla! Master
Posts: 26141
Joined: Mon Oct 27, 2008 9:27 pm
Location: Akershus, Norway

Re: Infested links?

Post by Per Yngve Berg » Wed Apr 03, 2019 7:05 am

Did you ask Google to reindex your site in your Google Webmaster Console?
That will speed up the process.

MastaChu
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Mon Oct 30, 2006 9:17 pm

Re: Infested links?

Post by MastaChu » Thu Apr 04, 2019 4:25 am

Per Yngve Berg wrote:
Wed Apr 03, 2019 7:05 am
Did you ask Google to reindex your site in your Google Webmaster Console?
That will speed up the process.
Yes i did. ;)


Post Reply

Return to “Security in Joomla! 3.x”