NOTICE: help.openstreetmap.org is no longer in use from 1st March 2024. Please use the OpenStreetMap Community Forum

Hi,

I'm displaying OSM map on my application by using OpenLayer scripts. From yesterday my anti virus software start indicating viruses (HTML/FRAMER, Trojan Horse etc.) in a map files and lock it. Anybody could help me how to solve this problem?

asked 06 Jun '13, 13:19

leo_555's gravatar image

leo_555
11112
accept rate: 0%

edited 06 Jun '13, 14:33

gormo's gravatar image

gormo
2.9k32660

2

What file exactly? Did you compare it against the original file? Has it been modified?

(06 Jun '13, 13:44) scai ♦

Maybe I name something wrong, I'm trying to display a map using script with OpenLayes on my web site f.e. URL:

www.fahrtenbuch-digital.de/Positer.html?lat=53.568176&lon=9.935604&zoom=13

and this causes a virus alert. I checked scripts of my web site on my server - no viruses was indicated. I'm not sure what from this could come?

(06 Jun '13, 14:02) leo_555

Is the locking browser dependent - does it show differently in firefox and chrome or Internet Explorer?

(06 Jun '13, 14:34) gormo

No,it not depends on a browser, for all is the same result- antivirus software report alert of virus.

(06 Jun '13, 14:50) leo_555

Would it be post a few more details? We still don't know which file your antivirus software is reporting a problem with (or what antivirus software you're using, with what settings).

Perhaps a screenshot would help?

(06 Jun '13, 15:03) SomeoneElse ♦

From yesterday I change some antivirus software's to eliminate it as a reason. I was using AVG , Norton 360 now ESET. All indicated alerts but with different diagnose ( AVG - HTML/FRAMER ). Now from ESET it comes info :

Object :

www.fahrtenbuch-digital.de/Positer.html?lat=53.568176&lon=9.935604&zoom=13

Threat:

JS/Kryptik.ALA TROJAN HORSE

Info:

Connecting was terminated - under guarantine

(06 Jun '13, 15:15) leo_555

Can you check each .js file separately to see which one is causing the alert?

(06 Jun '13, 15:17) scai ♦
2

I started to check .js files and find virus texture in script of my *.html file. It was hidden far in right side of editor and I didn't notice this. I deleted hostile text and it looks as working properly now. Thank you very much for support.

(06 Jun '13, 15:46) leo_555
2

But that doesnt close the infection method. Do you have unsecured php applications on your server? Have you applied all OS patches on your machine and on the server?

I would consider your server compromised, including all the passwords. I would strongly recommend a full clean reinstall of the server, and all applications on it with the newest versions; otherwise you will get reinfected.

edit: Is your machine hosted by Hetzner? Then this may be of interest: http://www.heise.de/security/meldung/Hetzner-gehackt-Kundendaten-kopiert-1884180.html

(06 Jun '13, 20:25) gormo
showing 5 of 9 show 4 more comments

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×122
×2

question asked: 06 Jun '13, 13:19

question was seen: 6,088 times

last updated: 06 Jun '13, 20:29

NOTICE: help.openstreetmap.org is no longer in use from 1st March 2024. Please use the OpenStreetMap Community Forum