Skip to Content Skip to Menu

Possible site infection?

  • FSEconomy
  • FSEconomy
  • OFFLINE
  • Posts: 31
  • Thanks: 4
  • Karma: 0
9 years 7 months ago #275804 by FSEconomy
Possible site infection? was created by FSEconomy
Today, I received an email from a site user that his Kaspersky AV program was alerting him to malware on my site. The specific file flagged is:

www.fseconomy.net/media/system/js/caption.js

And Kaspersky calls it: HEUR:Trojan.Script.Generic

I uploaded that JS file into a few online scanners, and for the most part nothing was detected. The kaspersky check did confirm what this user said, and Avast also flagged it as "JS:Iframe-EON"

So, I guess my question is... does anyone else have this same js file in their directory structure, or was this file possibly injected?


Any other thoughts appreciated.

Thanks!

Please Log in or Create an account to join the conversation.

  • FSEconomy
  • FSEconomy
  • OFFLINE
  • Posts: 31
  • Thanks: 4
  • Karma: 0
9 years 7 months ago #275805 by FSEconomy
Replied by FSEconomy on topic Possible site infection?
I tried to include the js code in between the /code/ tags, but I got an error message:

Forbidden

You don't have permission to access /forum on this server.

Please Log in or Create an account to join the conversation.

  • krileon
  • krileon
  • ONLINE
  • Posts: 49439
  • Thanks: 8464
  • Karma: 1465
9 years 7 months ago #275840 by krileon
Replied by krileon on topic Possible site infection?
That's a core Joomla JS file. Nothing to do with CB it self. There is no iframe usage in that file and is used to style captions overlaying ontop of an image. My guess is those antivirus software are being overaggressive and reporting a false positive. To be safe replace the file from a fresh download of Joomla (extra from Joomla package and upload then replace).

Kyle (Krileon)
Community Builder Team Member
Before posting on forums: Read FAQ thoroughly + Read our Documentation + Search the forums
CB links: Documentation - Localization - CB Quickstart - CB Paid Subscriptions - Add-Ons - Forge
--
If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
--
If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please send me a private message with your thread and will reply when possible!
--
Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
--
My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
The following user(s) said Thank You: nant

Please Log in or Create an account to join the conversation.

Moderators: beatnantkrileon
Powered by Kunena Forum