Author Topic: innovativelychallenged.com  (Read 3348 times)

0 Members and 1 Guest are viewing this topic.

avastment

  • Guest
innovativelychallenged.com
« on: April 30, 2009, 08:18:29 AM »
when I go to

http://www.innovativelychallenged.com

and click on any of those links I get a message like

http://i255.photobucket.com/albums/hh134/imagesonweb/2009-04-29_230131.gif

Only script is on index.html and it's from statcounter and not on other pages where Advast pops up warning about virus.

why?

Offline .: L' arc :.

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1780
  • Thinking with Portals
Re: innovativelychallenged.com
« Reply #1 on: April 30, 2009, 01:31:14 PM »
-= Infected with a JS Redirector..?

-= It might be hacked.. I can't help further.. Maybe this article would be a help..
http://www.microsoft.com/security/portal/Entry.aspx?Name=Trojan:JS/Redirector.H
Windows 7 (64-bit) Home Premium SP1
avast! 9 RC1

avastment

  • Guest
Re: innovativelychallenged.com
« Reply #2 on: April 30, 2009, 05:47:39 PM »
See below I did a Ctrl+F5 to each *.htm file in Expression web, deleted each on server and then uploaded those I did Ctrl+F5. And it seems to be fine now.  Also changed my cache dcleaner to CCleaner which seems to clean more files and it also found more files needing cleaning.  Thing is I usually did a dcleaner every other day or so.


"Going back to the "94.247.2.195", once that code is on your page, & then once you Allow your page (innovativelychallenged as the case may be) & it refreshed, that code, JavaScript code is then interpreted, & at that point the 94.247.2.195 then shows up as a site that can than be Allowed in NoScript (not that you would ever want to do that).

If you subsequently forbid your site, even though that code is then blocked (?), you are still reading from your disk cash, & so the 94.247.2.195 will still show up in NoScript. If you force+refresh (Ctrl+F5 or similar), then the page will reload from the server, & the 94.247.2.195 will no longer show in NoScript."