|
|
|
|
||||
|
Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. |
 |
|
|||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. |
|
|
Thread Tools |
02-26-2012, 08:23 PM
|
#1 |
|
So Fucking Banned
Industry Role:
Join Date: Nov 2010
Posts: 3,618
|
HELP - Exploit:JS/Blacole.AR on one of my sites - WTF do I do?
I go on my site and chrome asks me to update a plugin.
I do NOT update anything or click ok. Then Microsoft Security Essentials removes Exploit:JS/Blacole.AR from my chrome cache files. The site is running the latest Wordpress version and only adsense banners. How can I find out what is going on? |
|
|
|
02-26-2012, 08:31 PM
|
#2 |
|
So Fucking Banned
Industry Role:
Join Date: Nov 2010
Posts: 3,618
|
Halp!!!!
|
|
|
|
|
02-26-2012, 08:51 PM
|
#3 |
|
Unregistered Abuser
Industry Role:
Join Date: Oct 2007
Posts: 15,547
|
you start by disabling your plugins
|
|
|
|
|
02-26-2012, 09:02 PM
|
#4 |
|
Confirmed User
Industry Role:
Join Date: May 2010
Posts: 5,735
|
reboot the internet
|
|
|
|
|
02-26-2012, 09:13 PM
|
#5 |
|
So Fucking Banned
Industry Role:
Join Date: Nov 2010
Posts: 3,618
|
Hmpf disabled all plugins and reinstalled theme and wp.
Seems gone now. |
|
|
|
|
02-26-2012, 09:32 PM
|
#6 |
|
So Fucking Banned
Industry Role:
Join Date: Feb 2005
Posts: 1,225
|
That sucks there guy
|
|
|
|
|
02-26-2012, 09:51 PM
|
#7 |
|
Junior Achiever
Industry Role:
Join Date: Nov 2004
Location: Walled Garden
Posts: 17,066
|
Interpol has been notified.
|
|
|
|
|
02-26-2012, 10:33 PM
|
#8 |
|
Confirmed User
Industry Role:
Join Date: Sep 2007
Posts: 631
|
Run a scan of your site through this url to see what is going on.
http://sitecheck.sucuri.net/scanner/ .
__________________
Things that make ya go hmmmm.... |
|
|
|
|
02-26-2012, 10:48 PM
|
#9 |
|
Unregistered Abuser
Industry Role:
Join Date: Oct 2007
Posts: 15,547
|
now perform a backtrace and post the results here
|
|
|
|
|
02-26-2012, 11:04 PM
|
#10 | |
|
Confirmed User
![Jacob[Soft]'s Avatar](image.php?u=116685&dateline=1329323105)
Industry Role:
Join Date: Mar 2010
Location: http://HardLinks.ORG http://HardLinks.ORG http://HardLinks.ORG http://HardLinks.ORG http://HardLinks.ORG http://HardLinks.ORG
Posts: 873
|
Quote:
So, in order to find exploit on your server just use special aniviruses or analyze your html code
__________________
 Hundreds of One Way Hardlinks from Adult Sites Located All Over the World Testimonials and feedback from our clients Hardlinks.org - monthly payment options. We accept pp and paxum ~Ray, sales: webmaster[AT]advertisingsex.com ICQ: 94994627 Tech: jacob.uub[AT]gmail.com ICQ: 58581992 |
|
|
|
|
|
02-27-2012, 12:27 PM
|
#11 | |
|
So Fucking Banned
Industry Role:
Join Date: Nov 2010
Posts: 3,618
|
Quote:
I had tried some other scanners that did not find anything, this one did! |
|
|
|
|
|
02-27-2012, 12:36 PM
|
#12 |
|
SZNY
Industry Role:
Join Date: May 2004
Location: Sexy Republic
Posts: 2,800
|
Probably your js files are infected with an inject code probably because the locations where your js files are stored where not chmod in a good way.
__________________
Telegram: sandroanthonio |
|
|
|
|
02-27-2012, 12:38 PM
|
#13 |
|
Almost goners..
Industry Role:
Join Date: May 2008
Location: Netherlands
Posts: 11,420
|
Did you update a new theme on it?
If so, it was probably in the themes code and is now going all over your server. |
|
|
|
|
02-28-2012, 03:07 AM
|
#14 |
|
Registered User
Industry Role:
Join Date: Sep 2006
Location: nashvegas
Posts: 87
|
Had a similar issue recently, and it infected other wp installs on the same server.. thought it was cleared up - it came back... only way for me to get rid of..
backup all the infected sites (ftp will probably fail - but cpanel zip / backup works) - backup databases with pmpmyadmin to your local machine just in case.. make sure you backed up everything, maybe use cpanel files viewer to do a zip backup of the entire directory. ftp download your uploads folder in wp-content, ftp download your wp-config file in root then delete ALL the files... everything re-upload fresh install of wordpress files re-upload wp-config install the exploit scanner plugin from wordpress.org - so it checks your database (and files.) do not upload your /uploads/ until you have virus scanned it locally cry about any custom theme mods you just lost only get your plugins and themes from wordpress.org change your admin password to a looong one.. change your cpanel password.. truly paranoid - change your sql password for each database and update your wp-config with the new pass. I think that's all the steps, but I am a little over blogged and sleepy at the moment - if you backed up everything it won't matter if I missed a step.
__________________
There is no spoon - neo Sex Chat | Adult Chat | Sex Chat Webmaster Affiliate Programs |
|
|
|
