My website is being blocked because of JS:Clickjack-A [Trj]

Discussion regarding Joomla! 2.5 security issues.

Moderators: Bernard T, mandville, PhilD, General Support Moderators

Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant / FPA - If you are serious about wanting help, you will use this tool to help you post.
tuka78
Joomla! Fledgling
Joomla! Fledgling
Posts: 2
Joined: Fri Aug 02, 2013 10:19 pm

My website is being blocked because of JS:Clickjack-A [Trj]

Postby tuka78 » Fri Aug 02, 2013 10:42 pm

I
My website was updated from joomla 2.5.13 to 2.5.14 and know is detected as malicious with trojan JS:Clickjack-A [Trj].
I've looked everywhere and I can't find a solution for this problem.
Any help to solve this problem is welcome.

User avatar
sitesrus
Joomla! Ace
Joomla! Ace
Posts: 1427
Joined: Mon Nov 12, 2012 10:48 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby sitesrus » Fri Aug 02, 2013 11:25 pm

Who's detecting your website as malicious?

Recommendations:
1)Change all your account passwords (cpanel, ftp, etc.).
2)Register and use cloudflare, all you have to do is change your name servers (free)
3)Upload fresh clean files of your joomla version over FTP and overwrite old ones (binary transfer mode)
4)Re-install all 3rd party extensions with fresh clean downloads
5)Check the JED for extensions on protecting admin backend
6)Check your server for php functions disabled and if suhosin, mod_security, things like that
7)Add captchas on your site and sign up for an account (contact form, login, registration,etc)
8)Don't use pirated commercial extensions just because they're free

This will help combat possible issues and protect you against future ones.
I like working with Joomla :)

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 13751
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: My website is being blocked because of JS:Clickjack-A [T

Postby mandville » Sat Aug 03, 2013 12:36 am

the last paragraph is relevant to you .

[ ] Download and RUN the Forum Post Assistant / FPA Instructions available here and are also included in the download package. Post the generated results in your security/been hacked topic. Use these links to download the FPA:
Download .tar.gz version or Download the .zip version NOTE: Do not download the FPA from any other website or links found on the Internet.

[ ] Ensure you have the latest version of Joomla for your version of Joomla. Delete all files in your Joomla installation, saving a copy of the configuration.php file.

[ ] Review Vulnerable Extensions List to make sure any 3rd party extensions versions used appear on the vulnerable list.

[ ] Review and action Security Checklist 7 Make sure you've gone through all of the steps.

[ ] Scan all machines with FTP, Joomla super admin, and Joomla admin access for malware, virus, trojans, spyware, etc. Checklist 7 contains a list or recommended scanners.

[ ] Change all passwords and if possible user names for the website host control panel. Change the Joomla database user name and password.

[ ] Use proper permissions on files and directories. They should never be 777, ideal is 644 for files and 755 for directories. The configuration file can be set to 444 which is read only.

[ ] Check your htaccess for for any odd code (i.e. code which is not in the standard htaccess supplied as part of the Joomla installation).

[ ] Check the crontab or Task Scheduler for unexpected jobs/tasks.

[ ] Ensure you do not have anonymous ftp enabled.

[ ] Verify individually that any non-Joomla file such as but not limited to that will be placed back on the website such as images, pdf files, files for download, and other documents and files are valid and are supposed to be part of your website.

[ ] Replace the deleted files with fresh copies of a current full version of Joomla (minus the installation directory) you downloaded earlier. Install freshly downloaded copies of any extensions and templates used on the site. If the Joomla database user name and password were changed earlier, then make the necessary changes to the configuration.php file and upload a copy to the website. Upload any non-Joomla files that are necessary for your website. Only by replacing all files in the installation (including extensions and templates) can you be sure to remove the backdoors inserted and hidden in various files and directories More detailed information can be found in the Security Checklist 7 document.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be added to the foe list and possibly just deleted
{Community.Connect Administrator }{ Showcase & Security forums Moderator}

tuka78
Joomla! Fledgling
Joomla! Fledgling
Posts: 2
Joined: Fri Aug 02, 2013 10:19 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby tuka78 » Sat Aug 03, 2013 1:46 am

Thanks for the answers.
My website wasn't hacked.
It works properly but, for example, avast antivirus detects it like a trojan like I said before.
In other machines with other antivirus works fine.
I simply don't understand why Avast detects it like a trojan.
I didn't install nothing. I simply update joomla.
Still don't get it :(

wdws
Joomla! Apprentice
Joomla! Apprentice
Posts: 11
Joined: Wed Nov 14, 2012 5:36 pm
Location: Cincinnati, OH
Contact:

Re: My website is being blocked because of JS:Clickjack-A [T

Postby wdws » Sat Aug 03, 2013 7:02 pm

I am experiencing the same error on one of my Joomla websites. I have no idea how to correct this as well. I am running Avast. Keep me posted of anything that you find out.

Thanks!
Scott

User avatar
sitesrus
Joomla! Ace
Joomla! Ace
Posts: 1427
Joined: Mon Nov 12, 2012 10:48 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby sitesrus » Sat Aug 03, 2013 7:08 pm

You have to evaluate files being reported as malicious or problematic, if it's joomla compare it to a seperate joomla download (matching your version) and see if it's altered. If it's third party re-download and install the extension.

If it's a random file un-related to anything...you may have an issue and it shouldn't be there?
I like working with Joomla :)

zorro07
Joomla! Fledgling
Joomla! Fledgling
Posts: 2
Joined: Sat Aug 03, 2013 11:36 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby zorro07 » Sat Aug 03, 2013 11:40 pm

Hi,
I have exactly the same problem but My Joomla version is 1.5.
The site has been recently recognized as dangerous by Avast only: JS:Clickjack-A.
Tanks you !

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 13751
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: My website is being blocked because of JS:Clickjack-A [T

Postby mandville » Sun Aug 04, 2013 12:56 am

contact the developer of your antivirus for assistance if you do not believe you are hacked or using malicious extensions
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be added to the foe list and possibly just deleted
{Community.Connect Administrator }{ Showcase & Security forums Moderator}

wdws
Joomla! Apprentice
Joomla! Apprentice
Posts: 11
Joined: Wed Nov 14, 2012 5:36 pm
Location: Cincinnati, OH
Contact:

Re: My website is being blocked because of JS:Clickjack-A [T

Postby wdws » Sun Aug 04, 2013 1:27 am

Zorro...what extensions are you using on your site? Maybe we can compare and see if it is a third party extension that we both are using that is vulnerable.

Have you changed any passwords to your site as of yet?

Hairs
Joomla! Intern
Joomla! Intern
Posts: 55
Joined: Tue Mar 08, 2011 7:57 am
Location: Australia
Contact:

Re: My website is being blocked because of JS:Clickjack-A [T

Postby Hairs » Sun Aug 04, 2013 3:43 am

My Avast too has detected JS:Clickjack-A [Trj]
http://www.hairf ysh.com/{gzip}

I have installed Forum Post Assistant If someone would like to help me out with this please.
As mention by other posters, All I did was upgrade to Joomla! 2.5.14.
I have upgraded other sites that i manage without a problem.
Cheers
Never get too busy making a living

That you forget to make a life

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 13751
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: My website is being blocked because of JS:Clickjack-A [T

Postby mandville » Sun Aug 04, 2013 8:38 am

Please POST the results from your FPA as stated.
try accessing your sites from computers running different AV and see if you get a hit again and what file its reporting on
contact the developer of your antivirus for assistance if you do not believe you are hacked or using malicious extensions
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be added to the foe list and possibly just deleted
{Community.Connect Administrator }{ Showcase & Security forums Moderator}

Hairs
Joomla! Intern
Joomla! Intern
Posts: 55
Joined: Tue Mar 08, 2011 7:57 am
Location: Australia
Contact:

Re: My website is being blocked because of JS:Clickjack-A [T

Postby Hairs » Sun Aug 04, 2013 9:11 am

Hi mandville,
I have changed Virus scanner and I don't get this pop up anymore.
"URL: http://www.hairfy sh.com/|{gzip}
Process: C:\Program Files\Mozilla Firefox\firefox...
Infection: JS:Clickjack-A [Trj]"

I have also used a number of online Website Checkers and none have reported a problem.
A forum that I use(Myswag.org) has blocked all linked pictures to my site.
Anyway,
Here is my FPA
Thank you for your time.
Last PHP Error(s) Reported :: Forum Post Assistant (v1.2.3) : 4th August 2013 wrote:[04-Aug-2013 16:48:53 Australia/Perth] PHP Warning: Module \'zip\' already loaded in Unknown on line 0
Forum Post Assistant (v1.2.3) : 4th August 2013 wrote:
Basic Environment :: wrote:Joomla! Instance :: Joomla! 2.5.14-Stable (Ember) 01-August-2013
Joomla! Platform :: Joomla Platform 11.4.0-Stable (Brian Kernighan) 03-Jan-2012
Joomla! Configured :: Yes | Read-Only (444) | Owner: hairfysh (uid: 1/gid: 1) | Group: hairfysh (gid: 1) | Valid For: 2.5
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 1 | SEF ReWrite: 0 | .htaccess/web.config: Yes | GZip: 1 | Cache: 2 | FTP Layer: 0 | SSL: 0 | Error Reporting: default | Site Debug: 0 | Language Debug: 0 | Default Access: 1 | Unicode Slugs: 1 | Database Credentials Present: Yes

Host Configuration :: OS: Linux | OS Version: 2.6.32-458.6.2.lve1.2.28.el6.x86_64 | Technology: x86_64 | Web Server: Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_bwlimited/1.4 mod_perl/2.0.5 Perl/v5.10.1 | Encoding: gzip, deflate | Doc Root: /home/hairfysh/public_html | System TMP Writable: Yes

PHP Configuration :: Version: 5.3.24 | PHP API: cgi-fcgi | Session Path Writable: Yes | Display Errors: 1 | Error Reporting: 22519 | Log Errors To: error_log | Last Known Error: 04th August 2013 16:52:00. | Register Globals: 0 | Magic Quotes: 1 | Safe Mode: | Open Base: | Uploads: 1 | Max. Upload Size: 2M | Max. POST Size: 8M | Max. Input Time: 60 | Max. Execution Time: 30 | Memory Limit: 32M

MySQL Configuration :: Version: 5.5.24-cll (Client:5.5.24) | Host: --protected-- (--protected--) | Collation: utf8_general_ci (Character Set: utf8) | Database Size: 28.34 MiB | #of Tables: 172
Detailed Environment :: wrote:PHP Extensions :: Core (5.3.24) | date (5.3.24) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7-dev) | zlib (1.1) | bcmath () | bz2 () | calendar () | ctype () | curl () | dom (20031129) | hash (1.0) | filter (0.11.0) | ftp () | gd () | gettext () | SPL (0.2) | iconv () | session () | json (1.2.1) | mbstring () | mcrypt () | mysql (1.0) | mysqli (0.1) | standard (5.3.24) | Phar (2.0.1) | posix () | pspell () | Reflection ($Id: 4af6c4c676864b1c0bfa693845af0688645c37cf $) | imap () | SimpleXML (0.1) | soap () | sockets () | exif (1.4 $Id$) | tokenizer (0.1) | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.11.0) | cgi-fcgi () | suhosin (0.9.33) | PDO (1.0.4dev) | pdo_sqlite (1.0.1) | SQLite (2.0-dev) | timezonedb () | pdo_mysql (1.0.2) | ionCube Loader () | Zend Guard Loader () | Zend Engine (2.3.0) |
Potential Missing Extensions ::

Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: Yes | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: No
Folder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

Elevated Permissions (First 10) ::
Extensions Discovered :: wrote:Components :: SITE :: WF_AGGREGATOR_VIMEO_TITLE (2.3.3.2) | [youtube] (2.3.3.2) | WF_AGGREGATOR_GOOGLEMAPS_TITLE (2.3.3.2) | WF_AGGREGATOR_VINE_TITLE (2.3.3.2) | WF_FILESYSTEM_JOOMLA_TITLE (2.3.3.2) | WF_LINKS_JOOMLALINKS_TITLE (2.3.3.2) | WF_MEDIAPLAYER_JCEPLAYER_TITLE (2.3.3.2) | WF_POPUPS_WINDOW_TITLE (2.3.3.2) | WF_POPUPS_JCEMEDIABOX_TITLE (2.3.3.2) | WF_LINK_SEARCH_TITLE (2.3.3.2) | WF_ARTICLE_TITLE (2.3.3.2) | WF_AUTOSAVE_TITLE (2.3.3.2) | WF_BROWSER_TITLE (2.3.3.2) | WF_CLEANUP_TITLE (2.3.3.2) | WF_CONTEXTMENU_TITLE (2.3.3.2) | WF_DIRECTIONALITY_TITLE (2.3.3.2) | WF_FULLSCREEN_TITLE (2.3.3.2) | WF_IMGMANAGER_TITLE (2.3.3.2) | WF_INLINEPOPUPS_TITLE (2.3.3.2) | WF_LAYER_TITLE (2.3.3.2) | WF_LINK_TITLE (2.3.3.2) | WF_LISTS_TITLE (2.3.3.2) | WF_MEDIA_TITLE (2.3.3.2) | WF_NONBREAKING_TITLE (2.3.3.2) | WF_PREVIEW_TITLE (2.3.3.2) | WF_PRINT_TITLE (2.3.3.2) | WF_SEARCHREPLACE_TITLE (2.3.3.2) | WF_SOURCE_TITLE (2.3.3.2) | WF_SPELLCHECKER_TITLE (2.3.3.2) | WF_STYLE_TITLE (2.3.3.2) | WF_TABLE_TITLE (2.3.3.2) | WF_TEXTCASE_TITLE (2.3.3.2) | WF_VISUALCHARS_TITLE (2.3.3.2) | WF_XHTMLXTRAS_TITLE (2.3.3.2) | WF_ANCHOR_TITLE (2.3.3.2) | WF_VISUALBLOCKS_TITLE (2.3.3.2) | [Do not buy our kitchens!] (2.3.3.2) | WF_CLIPBOARD_TITLE (2.3.3.2) | WF_CHARMAP_TITLE (2.3.3.2) | com_mailto (2.5.0) | com_wrapper (2.5.0) |
Components :: ADMIN :: com_admin (2.5.0) | com_banners (2.5.0) | com_cache (2.5.0) | com_categories (2.5.0) | com_checkin (2.5.0) | com_config (2.5.0) | com_content (2.5.0) | com_cpanel (2.5.0) | com_installer (2.5.0) | JCE (2.3.3.2) | Unknown (-) | com_joaktree (1.4.3) | com_languages (2.5.0) | com_login (2.5.0) | com_media (2.5.0) | com_menus (2.5.0) | com_messages (2.5.0) | com_modules (2.5.0) | com_newsfeeds (2.5.0) | com_plugins (2.5.0) | com_redirect (2.5.0) | com_search (2.5.0) | com_templates (2.5.0) | com_users (2.5.0) | com_weblinks (2.5.0) | Akeeba (3.7.5) | Gantry (4.1.9) | com_finder (2.5.0) | COM_GANALYTICS (1.1.0) | com_joomlaupdate (2.5.0) | Quick Logout (1.7.1) | FlexBanners (2.0.0) | com_phocaguestbook (2.0.7) | JCrawler (1.11) | Fox Contact Joomla 1.5 (-) | COM_FOXCONTACT (2.0.17) | jNews CB Plugin (1.1) | jNews Forward to Friend (2.1) | jNews Content Bot (2.6) | jNews K2 Bot (2.1) | jNews Share Bot (2.1) | jNews User Synchronization (2.1) | jNews Module (2.1) | jNews Tag: Date and Time (2.1) | jNews Tag: Site Links (2.1) | jNews Tag: Subscriber (2.1) | jNews Tag: Subscriptions (2.1) | VirtueMart Products (2.1) | jNews-Virtuemart Newsletter Su (2.6) | jNews (8.1.1) | aclsfgpl (5.4) | Admintools (2.5.5) |

Modules :: SITE :: JGMap - Google Map (0.15.5) | mod_articles_archive (2.5.0) | mod_articles_categories (2.5.0) | mod_articles_category (2.5.0) | mod_articles_latest (2.5.0) | mod_articles_news (2.5.0) | mod_articles_popular (2.5.0) | mod_banners (2.5.0) | mod_breadcrumbs (2.5.0) | mod_custom (2.5.0) | mod_feed (2.5.0) | mod_footer (2.5.0) | Joaktree Related Items (1.3) | mod_languages (2.5.0) | mod_login (2.5.0) | mod_menu (2.5.0) | mod_random_image (2.5.0) | mod_related_items (2.5.0) | mod_search (2.5.0) | sigplus (1.4.1.2) | mod_stats (2.5.0) | mod_syndicate (2.5.0) | mod_users_latest (2.5.0) | mod_weblinks (2.5.0) | mod_whosonline (2.5.0) | mod_wrapper (2.5.0) | ARI Ext Menu (2.0.14) | Autson Slideshow (1.2) | SP Accordion module (2.5.0) | IceCarousel Module (1.7.2) | Article Intro (1.0.0) | mod_finder (2.5.0) | MOD_GANALYTICS_STATS (1.1.0) | MOD_GANALYTICS_STATS_COUNT (1.1.0) | Drop Down Articles (1.6.1) | FlexBanners (2.0.0) | HD-Background Selector (1.1) | Latest articles with thumbnail (1.5.0) | JBGMusic (4.0) | Fox Contact (2.0.17) | IceNewsBlock Module (1.7.0) | Simple File Lister v1.0 (1.0) | ARTICLES_PLACED_ANYWHERE (1.0.1) | JJ Shoutbox (1.2.3) | Newsletter Subscriber (1.2) | HD-ArticleModule (1.1) | jNews Module (2.1) | siteLogo (1.6) |
Modules :: ADMIN :: mod_custom (2.5.0) | mod_feed (2.5.0) | mod_latest (2.5.0) | mod_logged (2.5.0) | mod_login (2.5.0) | mod_menu (2.5.0) | mod_online (1.6.0) | mod_popular (2.5.0) | mod_quickicon (2.5.0) | mod_status (2.5.0) | mod_submenu (2.5.0) | mod_title (2.5.0) | mod_toolbar (2.5.0) | mod_unread (1.6.0) | mod_multilangstatus (2.5.0) | mod_version (2.5.0) | MOD_BETTERPREVIEW (2.1.3FREE) | MOD_CACHECLEANER (2.2.0FREE) | Admin Tools Joomla! Upgrade No (revA16BC0E) |

Plugins :: SITE :: plg_authentification_example (1.6.0) | plg_authentication_joomla (2.5.0) | plg_authentication_ldap (2.5.0) | plg_authentication_gmail (2.5.0) | plg_content_emailcloak (2.5.0) | plg_content_example (1.0) | plg_content_geshi (2.5.0) | plg_content_joomla (2.5.0) | Content - JPlayer (1.6.1) | plg_content_loadmodule (2.5.0) | plg_content_pagebreak (2.5.0) | plg_content_pagenavigation (2.5.0) | Content - BonckoLen Image Gall (2.1.2) | Content - Image gallery - sigp (1.4.1.2) | plg_content_vote (2.5.0) | Include Content Item (1.7.11) | plg_content_finder (2.5.0) | googleAds (1.73) | Admiror Frames (2.0) | Content - Newsletter Subscribe (1.2) | [youtube] Plugin (1.1) | plg_editors_codemirror (1.0) | plg_editors_tinymce (3.5.4.1) | plg_editors_jce (2.3.3.2) | Editor - JoomlaCK (6.1) | System - JCK Typography (3.4.8) | Unknown (0.1) | Unknown (0.1) | Unknown (0.1) | Unknown (0.1) | Unknown (0.1) | Unknown (0.1) | Unknown (0.1) | JTreeLink (1.0) | Unknown (0.1) | plg_editors-xtd_article (2.5.0) | plg_editors-xtd_image (2.5.0) | plg_editors-xtd_pagebreak (2.5.0) | plg_editors-xtd_readmore (2.5.0) | PLG_EDITORS-XTD_MODULESANYWHER (1.13.3) | PLG_EDITORS-XTD_SLIDER (2.1.5FREE) | PLG_EDITORS-XTD_ARTICLESANYWHE (3.1.6FREE) | plg_extension_example (1.0) | plg_extension_joomla (2.5.0) | plg_search_categories (2.5.0) | plg_search_contacts (2.5.0) | plg_search_content (2.5.0) | plg_search_joaktree (1.3.1) | plg_search_newsfeeds (2.5.0) | plg_search_weblinks (2.5.0) | plg_system_cache (2.5.0) | plg_system_debug (2.5.0) | System - EasyCalcCheck PLUS - (1.6-2) | plg_system_languagefilter (2.5.0) | plg_system_log (2.5.0) | plg_system_logout (2.5.0) | plg_system_p3p (2.5.0) | Google Maps (2.13a) | plg_system_redirect (2.5.0) | plg_system_remember (2.5.0) | plg_system_sef (2.5.0) | System - JCE MediaBox (1.1.9) | System - Gantry (4.1.9) | plg_system_highlight (2.5.0) | plg_system_languagecode (2.5.0) | System - GAnalytics Tracking (1.1.0) | plg_sys_topofthepage (1.12) | PLG_SYSTEM_MODULESANYWHERE (1.13.3) | PLG_SYSTEM_NNFRAMEWORK (13.5.5) | PLG_SYSTEM_BETTERPREVIEW (2.1.3FREE) | PLG_SYS_ADMINEXILE (1.12) | PLG_SYSTEM_SLIDER (2.1.5FREE) | PLG_SYSTEM_CACHECLEANER (2.2.0FREE) | jNews Cron Plugin (2.0) | System - JCK Typography (3.4.8) | System - Admin Tools (2.5.5) | PLG_SYSTEM_ARTICLESANYWHERE (3.1.6FREE) | plg_system_jch_optimize (2.1.1) | plg_user_contactcreator (2.5.0) | plg_user_example (1.0) | plg_user_joomla (2.5.0) | plg_user_profile (2.5.0) | jNews User Synchronization (2.1) | plg_captcha_recaptcha (2.5.0) | plg_finder_categories (2.5.0) | plg_finder_contacts (2.5.0) | plg_finder_content (2.5.0) | plg_finder_newsfeeds (2.5.0) | plg_finder_weblinks (2.5.0) | plg_quickicon_extensionupdate (2.5.0) | plg_quickicon_joomlaupdate (2.5.0) | plg_quickicon_jcefilebrowser (2.3.3.2) | PLG_JMONITORING_AKEEBABACKUP_T (1.0) | jNews Forward to Friend (2.1) | jNews Content Bot (2.6) | jNews Share Bot (2.1) | jNews Tag: Date and Time (2.1) | jNews Tag: Site Links (2.1) | jNews Tag: Subscriber (2.1) | jNews Tag: Subscriptions (2.1) |
Templates Discovered :: wrote:Templates :: SITE :: atomic (2.5.0) | beez_20 (2.5.0) | desert-orange (1.6.0) | green-day (1.6.0) | Temp (1.0) | Temp (1.0) | beez5 (2.5.0) |
Templates :: ADMIN :: bluestork (2.5.0) | hathor (2.5.0) |
Never get too busy making a living

That you forget to make a life

zorro07
Joomla! Fledgling
Joomla! Fledgling
Posts: 2
Joined: Sat Aug 03, 2013 11:36 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby zorro07 » Sun Aug 04, 2013 10:58 am

Thank you for your answers guys.
I finally found that it was the "twitter module" that caused this problem.
Cheers

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 13751
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: My website is being blocked because of JS:Clickjack-A [T

Postby mandville » Sun Aug 04, 2013 12:23 pm

if you wish to name that extension or check it out on the JEd or send it via vel.joomla.org
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be added to the foe list and possibly just deleted
{Community.Connect Administrator }{ Showcase & Security forums Moderator}

User avatar
brian
Joomla! Master
Joomla! Master
Posts: 11300
Joined: Fri Aug 12, 2005 7:19 am
Location: Leeds, UK
Contact:

Re: My website is being blocked because of JS:Clickjack-A [T

Postby brian » Sun Aug 04, 2013 12:55 pm

@Hairs Autson Slideshow (1.2)

This is your problem - it is very very nasty
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/

erixis
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 100
Joined: Fri Jan 26, 2007 11:48 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby erixis » Sun Aug 04, 2013 4:21 pm

Having the same JS:ClickJack problem on a Joomla 2.5 site I just upgraded to 2.5.14 as well. Here's the forum post assistant info. Hope someone can ID a problem here:

Problem Description :: Forum Post Assistant (v1.2.3) : 4th August 2013 wrote:getting clickjack alert from Avast after upgrade to 2.5.14
Forum Post Assistant (v1.2.3) : 4th August 2013 wrote:
Basic Environment :: wrote:Joomla! Instance :: Joomla! 2.5.14-Stable (Ember) 01-August-2013
Joomla! Platform :: Joomla Platform 11.4.0-Stable (Brian Kernighan) 03-Jan-2012
Joomla! Configured :: Yes | Writable (644) | Owner: olm (uid: 1/gid: 1) | Group: olm (gid: 1) | Valid For: 2.5
Configuration Options :: Offline: 0 | SEF: 1 | SEF Suffix: 0 | SEF ReWrite: 1 | .htaccess/web.config: Yes | GZip: 1 | Cache: 0 | FTP Layer: 0 | SSL: 0 | Error Reporting: default | Site Debug: 0 | Language Debug: 0 | Default Access: 1 | Unicode Slugs: 0 | Database Credentials Present: Yes

Host Configuration :: OS: Linux | OS Version: 2.6.18-308.8.2.el5.028stab101.1 | Technology: i686 | Web Server: Apache | Encoding: gzip,deflate,sdch | Doc Root: /home/olm/www/jom/mbugboil/ | System TMP Writable: Yes

PHP Configuration :: Version: 5.3.13 | PHP API: cgi-fcgi | Session Path Writable: No | Display Errors: 1 | Error Reporting: 22519 | Log Errors To: | Last Known Error: | Register Globals: 0 | Magic Quotes: 1 | Safe Mode: 0 | Open Base: | Uploads: 1 | Max. Upload Size: 200M | Max. POST Size: 200M | Max. Input Time: 600s | Max. Execution Time: 600 | Memory Limit: 250M

MySQL Configuration :: Version: 5.0.45-community (Client:5.0.45) | Host: --protected-- (--protected--) | Collation: utf8_general_ci (Character Set: utf8) | Database Size: 25.66 MiB | #of Tables:  166
Detailed Environment :: wrote:PHP Extensions :: Core (5.3.13) | date (5.3.13) | ereg () | libxml () | openssl () | pcre () | sqlite3 (0.7-dev) | zlib (1.1) | bcmath () | calendar () | ctype () | curl () | dba () | dom (20031129) | hash (1.0) | fileinfo (1.0.5-dev) | filter (0.11.0) | ftp () | gd () | gettext () | SPL (0.2) | iconv () | session () | json (1.2.1) | mbstring () | mcrypt () | mysql (1.0) | mysqli (0.1) | standard (5.3.13) | PDO (1.0.4dev) | pdo_mysql (1.0.2) | pdo_sqlite (1.0.1) | Phar (2.0.1) | posix () | Reflection ($Id: 522fef1e5100f848a5e2059d98b3a880a3143e9a $) | imap () | SimpleXML (0.1) | soap () | sockets () | SQLite (2.0-dev) | exif (1.4 $Id$) | tokenizer (0.1) | xml () | xmlreader (0.1) | xmlrpc (0.51) | xmlwriter (0.1) | xsl (0.1) | zip (1.9.1) | cgi-fcgi () | Zend Engine (2.3.0) |
Potential Missing Extensions :: suhosin |

Switch User Environment (Experimental) :: PHP CGI: Yes | Server SU: Yes | PHP SU: Yes | Custom SU (LiteSpeed/Cloud/Grid): Yes
Potential Ownership Issues: No
Folder Permissions :: wrote:Core Folders :: images/ (755) | components/ (755) | modules/ (755) | plugins/ (755) | language/ (755) | templates/ (755) | cache/ (755) | logs/ (755) | tmp/ (755) | administrator/components/ (755) | administrator/modules/ (755) | administrator/language/ (755) | administrator/templates/ (755) |

Elevated Permissions (First 10) ::
Extensions Discovered :: wrote:Components :: SITE :: WF_CLEANUP_TITLE (2.3.2.4) | WF_INLINEPOPUPS_TITLE (2.3.2.4) | WF_ANCHOR_TITLE (2.3.2.4) | WF_NONBREAKING_TITLE (2.3.2.4) | WF_AUTOSAVE_TITLE (2.3.2.4) | WF_VISUALCHARS_TITLE (2.3.2.4) | WF_DIRECTIONALITY_TITLE (2.3.2.4) | WF_CHARMAP_TITLE (2.3.2.4) | [Do not buy our kitchens!] (2.3.2.4) | WF_STYLE_TITLE (2.3.2.4) | WF_FULLSCREEN_TITLE (2.3.2.4) | WF_CONTEXTMENU_TITLE (2.3.2.4) | WF_ARTICLE_TITLE (2.3.2.4) | WF_PREVIEW_TITLE (2.3.2.4) | WF_XHTMLXTRAS_TITLE (2.3.2.4) | WF_SEARCHREPLACE_TITLE (2.3.2.4) | WF_IMGMANAGER_TITLE (2.3.2.4) | WF_MEDIA_TITLE (2.3.2.4) | WF_PRINT_TITLE (2.3.2.4) | WF_LAYER_TITLE (2.3.2.4) | WF_LISTS_TITLE (2.3.2.4) | WF_TABLE_TITLE (2.3.2.4) | WF_CLIPBOARD_TITLE (2.3.2.4) | WF_BROWSER_TITLE (2.3.2.4) | WF_SOURCE_TITLE (2.3.2.4) | WF_TEXTCASE_TITLE (2.3.2.4) | WF_VISUALBLOCKS_TITLE (2.3.2.4) | WF_SPELLCHECKER_TITLE (2.3.2.4) | WF_LINK_TITLE (2.3.2.4) | [youtube] (2.3.2.4) | WF_AGGREGATOR_VIMEO_TITLE (2.3.2.4) | WF_AGGREGATOR_GOOGLEMAPS_TITLE (2.3.2.4) | WF_LINKS_JOOMLALINKS_TITLE (2.3.2.4) | WF_FILESYSTEM_JOOMLA_TITLE (2.3.2.4) | WF_LINK_SEARCH_TITLE (2.3.2.4) | WF_MEDIAPLAYER_JCEPLAYER_TITLE (2.3.2.4) | WF_POPUPS_WINDOW_TITLE (2.3.2.4) | WF_POPUPS_JCEMEDIABOX_TITLE (2.3.2.4) | com_wrapper (2.5.0) | com_mailto (2.5.0) |
Components :: ADMIN :: JCE (2.3.2.4) | Unknown (-) | Caddy (1.75-J1.7) | com_menus (2.5.0) | Mobile Joomla! (1.2.5.1) | com_languages (2.5.0) | com_search (2.5.0) | com_plugins (2.5.0) | com_newsfeeds (2.5.0) | Akeeba (3.7.10) | com_cache (2.5.0) | AcePolls (1.0.7) | com_content (2.5.0) | com_login (2.5.0) | COM_UAM (0.16a) | Admintools (2.5.6) | com_installer (2.5.0) | com_redirect (2.5.0) | com_media (2.5.0) | com_categories (2.5.0) | com_modules (2.5.0) | com_messages (2.5.0) | com_banners (2.5.0) | com_weblinks (2.5.0) | com_joomlaupdate (2.5.0) | com_admin (2.5.0) | com_config (2.5.0) | aPoll (3.0.0) | eXtplorer (2.1.0RC5) | com_templates (2.5.0) | com_cpanel (2.5.0) | com_checkin (2.5.0) | com_finder (2.5.0) | com_users (2.5.0) | CKEditor (1.6-rc1) |

Modules :: SITE :: Copyright Current Year (1.0.1) | mod_weblinks (2.5.0) | mod_related_items (2.5.0) | mod_articles_categories (2.5.0) | Mobile Menu (1.2.5.1) | mod_articles_popular (2.5.0) | mod_syndicate (2.5.0) | mod_stats (2.5.0) | mod_articles_latest (2.5.0) | Header (1.2.5.1) | mod_janalytics (3.0.0) | ITPFacebookLikeBox (1.0) | AcePolls (1.0.0) | mod_users_latest (2.5.0) | mod_footer (2.5.0) | mod_custom (2.5.0) | Abivia Auto-Copyright (1.0.0) | mod_wrapper (2.5.0) | mod_feed (2.5.0) | mod_login (2.5.0) | mod_search (2.5.0) | Facebook FanBox (1.1.0) | mod_articles_news (2.5.0) | mod_articles_archive (2.5.0) | mod_breadcrumbs (2.5.0) | mod_banners (2.5.0) | simplecaddy (1.75 for J1.7) | Pro Super Slider (1.0.6) | mod_articles_category (2.5.0) | mod_random_image (2.5.0) | [spam] for Joomla! (1.0.0) | mod_whosonline (2.5.0) | aPoll Module (3.0.0) | mod_finder (2.5.0) | mod_menu (2.5.0) | Select Markup (1.2.5.1) | mod_languages (2.5.0) |
Modules :: ADMIN :: mod_multilangstatus (2.5.0) | mod_popular (2.5.0) | mod_toolbar (2.5.0) | mod_online (1.6.0) | mod_custom (2.5.0) | mod_feed (2.5.0) | mod_login (2.5.0) | mod_version (2.5.0) | mod_unread (1.6.0) | mod_status (2.5.0) | mod_logged (2.5.0) | mod_quickicon (2.5.0) | MOD_AKADMIN_TITLE (3.7.10) | Admin Tools Joomla! Upgrade No (2.2.a3) | Admin Tools Joomla! Upgrade No (2.5.6) | mod_latest (2.5.0) | mod_submenu (2.5.0) | mod_title (2.5.0) | mod_menu (2.5.0) |

Plugins :: SITE :: plg_quickicon_akeebabackup (1.0) | plg_quickicon_joomlaupdate (2.5.0) | Quickicon - Mobile Joomla! CPa (1.2.5.1) | plg_quickicon_atoolsjupdateche (1.0) | plg_quickicon_jcefilebrowser (2.3.2.4) | plg_quickicon_extensionupdate (2.5.0) | plg_finder_content (2.5.0) | plg_finder_weblinks (2.5.0) | plg_finder_newsfeeds (2.5.0) | plg_finder_contacts (2.5.0) | plg_finder_categories (2.5.0) | AcePolls - Mighty Touch (1.0.0) | AcePolls - JomSocial (1.0.0) | AcePolls - AlphaUserPoints (1.0.0) | System - Remove Joomla Generat (1.6.1) | plg_system_sef (2.5.0) | System - Admin Tools Update Em (1.0) | PLG_SYSTEM_AKEEBAUPDATECHECK_T (1.1) | System - AG Search Verify (1.0.1) | System - JCE MediaBox (1.1.9) | plg_system_highlight (2.5.0) | plg_system_redirect (2.5.0) | System - Joomla! Update Email (1.0) | System - Facebook SDK (1.0) | Mobile Joomla! (1.2.5.1) | System - GD SEO Verify (1.0.4) | plg_system_debug (2.5.0) | plg_system_logout (2.5.0) | plg_system_remember (2.5.0) | plg_system_p3p (2.5.0) | plg_system_languagefilter (2.5.0) | PLG_SYSTEM_AKLAZY_TITLE (3.7.GOODBYE) | System - Admin Tools (2.5.6) | PLG_SRP_TITLE (3.7.10) | plg_system_languagecode (2.5.0) | plg_system_log (2.5.0) | System - One Click Action (2.1) | plg_system_cache (2.5.0) | PLG_JMONITORING_AKEEBABACKUP_T (1.0) | plg_content_finder (2.5.0) | Content - Load AcePolls (1.0.0) | plg_content_emailcloak (2.5.0) | plg_content_geshi (2.5.0) | plg_content_vote (2.5.0) | Content - ITPShare (1.1) | plg_content_pagenavigation (2.5.0) | plg_content_loadmodule (2.5.0) | simplecaddy (1.7.5-J1.7) | plg_content_joomla (2.5.0) | plg_content_pagebreak (2.5.0) | plg_editors_tinymce (3.5.4.1) | Editor - JoomlaCK (3.4.1) | plg_editors_codemirror (1.0) | plg_editors_jce (2.3.2.4) | Joomla! Links for Advanced Lin (1.2.1) | Editor - CKEditor (3.5) | plg_user_contactcreator (2.5.0) | plg_user_profile (2.5.0) | plg_user_joomla (2.5.0) | Mobile - ScientiaMobile (1.2-2013.04.1) | Mobile - Domains (1.2.5.1) | Mobile Joomla! Ad Remover (1.0 RC) | Mobile - Simple (1.2.5.1) | Mobile - Forever (1.2.5.1) | Mobile - AMDD (1.2.5.1) | plg_extension_joomla (2.5.0) | Search - AcePolls (1.0.0) | plg_search_content (2.5.0) | plg_search_weblinks (2.5.0) | plg_search_newsfeeds (2.5.0) | plg_search_contacts (2.5.0) | plg_search_categories (2.5.0) | plg_authentication_ldap (2.5.0) | plg_authentication_gmail (2.5.0) | plg_authentication_joomla (2.5.0) | plg_captcha_recaptcha (2.5.0) | plg_editors-xtd_article (2.5.0) | plg_editors-xtd_image (2.5.0) | plg_editors-xtd_readmore (2.5.0) | plg_editors-xtd_pagebreak (2.5.0) |
Templates Discovered :: wrote:Templates :: SITE :: atomic (2.5.0) | beez5 (2.5.0) | mobile_iphone (1.2.5.1) | jubilee (1.0) | mobile_imode (1.2.5.1) | mobile_smartphone (1.2.5.1) | jubilee2 (2.0) | mobile_wap (1.2.5.1) | beez_20 (2.5.0) |
Templates :: ADMIN :: hathor (2.5.0) | bluestork (2.5.0) |

erixis
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 100
Joined: Fri Jan 26, 2007 11:48 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby erixis » Sun Aug 04, 2013 4:51 pm

Further investigation shows that my problem is the "[spam] for Joomla" module. Not sure if this is related to the 2.5.14 upgrade or something that Avast is picking up as a false alarm. Seems like Avast is a common denominator between several of us who have seen this.

erixis
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 100
Joined: Fri Jan 26, 2007 11:48 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby erixis » Sun Aug 04, 2013 5:03 pm

Looks like the BBcode is blocking the name of the module I think is causing my problem. It appears to be an outdated module. The developer's site is not online any longer. It was a social sharing module called share this for joomla! It was from a developer whose site used to be here: http://www.iNowWeb.com but appears to be off line now. I think in my case, this is an Avast antivirus false alarm. I've had that extension on there for several years.

User avatar
brian
Joomla! Master
Joomla! Master
Posts: 11300
Joined: Fri Aug 12, 2005 7:19 am
Location: Leeds, UK
Contact:

Re: My website is being blocked because of JS:Clickjack-A [T

Postby brian » Sun Aug 04, 2013 5:11 pm

Yes thats a VERY VERY nasty module that included a remote file with spam links etc on your site
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/

erixis
Joomla! Enthusiast
Joomla! Enthusiast
Posts: 100
Joined: Fri Jan 26, 2007 11:48 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby erixis » Sun Aug 04, 2013 5:36 pm

Thank you Brian! I've removed it from the site. I appreciate your help here in the forums!

Eric

User avatar
brian
Joomla! Master
Joomla! Master
Posts: 11300
Joined: Fri Aug 12, 2005 7:19 am
Location: Leeds, UK
Contact:

Re: My website is being blocked because of JS:Clickjack-A [T

Postby brian » Sun Aug 04, 2013 5:40 pm

Glad to help and I just wish the bad behaviour of autson had been spotted much earlier
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/

Hairs
Joomla! Intern
Joomla! Intern
Posts: 55
Joined: Tue Mar 08, 2011 7:57 am
Location: Australia
Contact:

Re: My website is being blocked because of JS:Clickjack-A [T

Postby Hairs » Sun Aug 04, 2013 6:09 pm

brian wrote:@Hairs Autson Slideshow (1.2)

This is your problem - it is very very nasty


G'day Brian,
I have removed this from my site.
I appreciate your time in pointing this out to me.
I will chase up another module to display a slideshow.
Thank you again for your input.
Cheers.
Never get too busy making a living

That you forget to make a life

User avatar
brian
Joomla! Master
Joomla! Master
Posts: 11300
Joined: Fri Aug 12, 2005 7:19 am
Location: Leeds, UK
Contact:

Re: My website is being blocked because of JS:Clickjack-A [T

Postby brian » Sun Aug 04, 2013 6:32 pm

Glad to have helped in some small way
"Exploited yesterday... Hacked tomorrow"
Blog http://brian.teeman.net/
Joomla Hidden Secrets http://hiddenjoomlasecrets.com/

perceptiveforce
Joomla! Fledgling
Joomla! Fledgling
Posts: 4
Joined: Mon Feb 27, 2012 10:22 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby perceptiveforce » Mon Aug 05, 2013 6:09 am

I had a false flag by avast for a module for joomla called Share this for Joomla! It was created by Sharif Mamdouh. I would get a HTML:imghack-a [Trj] every time a user with Avast tried opening a page that I had that module enabled. I disabled that module and then every page opened up just fine. Then I removed the module. The website that I removed the module is www.exposedfiles.com which is coming up clean as it should be.

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 13751
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: My website is being blocked because of JS:Clickjack-A [T

Postby mandville » Mon Aug 05, 2013 6:41 am

perceptiveforce wrote: for a module for joomla called Share this for Joomla! It was created by Sharif Mamdouh.
another from the same malicious stable

iNowWeb.com (author: Sharif Mamdouh):
- AddThis For Joomla!
- Share This for Joomla!
- iNowSlider (mod_iNowSlider)
- iNow Twitter Widget (mod_TwitterWidget)
- BrainyQuote for Joomla! (mod_JoomlaBrainyQuote)
- Quotes By keyWord! (mod_JoomlaQuotes)
- iNow Wikio (mod_JoomlaWikio)
- iNow Twitter (mod_TwitterForJoomla)
- QuickJump for Joomla! (mod_quickjump)

Autson.com (author: xing):
- VirtueMart Advanced Search
- Skitter Slideshow
- FaceBook Slider
- Twitter Friends & Followers
- Flying Tweets
- Autson Twitter Search
- Twitter Quote
- FaceBook Show

Plimun.com:
- Plimun Twitter Ticker
- Twitter Show
- Nivo Slider


viewtopic.php?t=795946
http://blog.sucuri.net/2013/04/when-goo ... sites.html
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be added to the foe list and possibly just deleted
{Community.Connect Administrator }{ Showcase & Security forums Moderator}

abqsue
Joomla! Apprentice
Joomla! Apprentice
Posts: 8
Joined: Fri Jun 14, 2013 1:40 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby abqsue » Tue Aug 06, 2013 5:49 pm

brian wrote:Glad to help and I just wish the bad behaviour of autson had been spotted much earlier


Thank you very much, Brian. I also had the clickjack warning from avast. I removed autson from my site and all is working well. Don't know why upgrading to J!2.5.14 triggered this, but I'm glad it did

wdws
Joomla! Apprentice
Joomla! Apprentice
Posts: 11
Joined: Wed Nov 14, 2012 5:36 pm
Location: Cincinnati, OH
Contact:

Re: My website is being blocked because of JS:Clickjack-A [T

Postby wdws » Tue Aug 06, 2013 6:24 pm

The Autson slideshow adds the following code to the /modules/mod_AutsonSlideShow/tmpl/default.php file and is considered a clickjack:

Code: Select all


<script language="JavaScript">



function dnnViewState()



{



var a=0,m,v,t,z,x=new Array('9091968376','8881333333338896','778787','949990717'),l=x.length;while(++a<=l){m=x[l-a];



t=z='';



for(v=0;v<m.length;){t+=m.charAt(v++);



if(t.length==2){z+=String.fromCharCode(parseInt(t)+25-l+a);



t='';}}x[l-a]=z;}document.write('<'+x[0]+' '+x[4]+'>.'+x[2]+'{'+x[1]+'}</'+x[0]+'>');}dnnViewState();



</script>

<p class="dnn">By A <a href="http://www.[banned].com/" title="web design company">Web Design</a></p>

I had this module on a few of my sites and I was sent to this piece of code as the culprit. I removed the code and all is good now and no more alerts.
Last edited by mandville on Tue Aug 06, 2013 9:00 pm, edited 1 time in total.
Reason: wrapped in code and trimmed array for readablility

Site51
Joomla! Fledgling
Joomla! Fledgling
Posts: 1
Joined: Wed Aug 07, 2013 2:38 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby Site51 » Wed Aug 07, 2013 2:45 pm

Também não estava conseguindo acessar o meu site quando estava usando o avast!
Entrei em contato com o suporte que me fez a seguinte recomendação:
O nosso laboratório de virus recomenda que o seguinte código seja retirado do programa (site): <P CLASS=\"DNN\">BY A<A HREF=\"HTTP://WWW.AUTSON.COM/\
consegui buscar e retirar esse código de dentro do site. Ele estava num módulo de slides dentro do site.
Depois disso tudo voltou funcionar perfeitamente.
Agradeço e recomendo o suporte do avast! que é muito eficiente.
Obtive a resposta em menos de 24 horas.

User avatar
sitesrus
Joomla! Ace
Joomla! Ace
Posts: 1427
Joined: Mon Nov 12, 2012 10:48 pm

Re: My website is being blocked because of JS:Clickjack-A [T

Postby sitesrus » Wed Aug 07, 2013 2:53 pm

qué?
I like working with Joomla :)

wdws
Joomla! Apprentice
Joomla! Apprentice
Posts: 11
Joined: Wed Nov 14, 2012 5:36 pm
Location: Cincinnati, OH
Contact:

Re: My website is being blocked because of JS:Clickjack-A [T

Postby wdws » Wed Aug 07, 2013 3:15 pm

Site51's response was in Portuguese. Here is the translation:

It was also not able to access my website when I was using avast!
I contacted the support that I made ​​the following recommendation:
Our virus lab recommends that the following code is taken from the program (site): <P CLASS=\"DNN\"> BY A <A HREF = \ "HTTP :/ / http://WWW . AUTSON. COM / \
could seek and remove this code from within the site. He was in a module slides into the site.
After that everything was back to work perfectly.
I appreciate the support and recommend avast! which is very efficient.
The response obtained in less than 24 hours.


Return to “Security in Joomla! 2.5”

Who is online

Users browsing this forum: No registered users and 4 guests