Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Davecom on June 15, 2013, 11:23:18 PM
-
My website hxxp://www.dpandassociates.net uses this for galleries hxxp://www.magichtml.com/javascriptslideshow/index.html says infected with Infection:
JS:Agent-BYJ [Trj] every website that use it same thing have used it for a while with no problems.....Thanks for any Help
-
is it the first or second url you posted that is the problem?
quttera report on first url
http://quttera.com/detailed_report/www.dpandassociates.net
-
Mine is the first site the second is the company that sales the product. Any suggestions.....Thanks
-
Well it is being alerted here: http://urlquery.net/report.php?id=3143426
IDS comes in the RBN ruleset and as a webclient rule
Also Bad customer experience reported on WOT
This for the main site I get no avast alerts in Google Chrome,
and I get this <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p>The requested URL /javascriptslideshow/js/undefined was not found on this server.</p> </body></html>
This javascriptslideshow/js/ can come spyware infected or with a keygenerator, also can come via WP infection via default-filters.php, etc
Also protect against dovecot vulnerabilities....f you don't use imap or pop3, then remove dovecot...
polonus
-
For what Quttera reports
/js/mhgallery.js
Severity: Potentially Suspicious
Reason: Suspicious JavaScript code injection.
Details see image attacked..
File size[byte]: 24447
File type: ASCII
MD5: E38D25E777A922D1294816C93D580E74 - same as here: http://www.quttera.com/detailed_report/www.dptvng.com
Hick-ups in this code but benign: http://jsunpack.jeek.org/?report=fe1176a126d3f962516bd5f5c3c6bf2dedb99766
polonus
-
Thanks for the help. But im thinking the company will come out with a fix, I don't know what else to do. I wrote them and let them know about it. heck it even does it on their website. Still any more suggestions would be appreciated....
-
This is the alert that I get scanning the javascript slideshow download url with DrWeb's URL checker (giving it as clean), see image attached
polonus
-
I'm stuck dont know what to do............
-
Thank you.....Pondus and polonus. The company got it fixed. But wanted to thank you for your help. :) :) :) :) :) :) :)
-
Dave,
Could you please let me know how it was fixed, did the company provide an updated mhgallery.js file? It is just that I have the same problem on my website but no one from the company (Magic Hills) has replied to my email.
Duncan
-
Hi i really need help with this same issue!! I run a website for someone and use the same Javascript Slideshow Maker and my computer keeps blocking the slideshows when i try to check them to make sure i did it right. I dont want them to be infected by looking at their own website (they dont have up to date software) I already tried over writing it with a new one from my comp, and scanning it shows it is clean on my end, it must be on the site. Can someone advise HOW this was solved??
-
The company HTML 5 Box (Magid HTML) have upgraded the software and javascript files, they can be downloaded from:
http://www.magichtml.com/download.html
These updated files cure the problem.
-
Hi Davecom,
Well great that our explorations helped towards a solution. That is why this forum is great,
Stay safe and secure,
polonus