For all your general chit chat, caching or not.
-
homedg
- 1550 or more caches found

- Posts: 798
- Joined: 24 February 06 3:15 pm
- Location: South West Sydney
Post
by homedg » 27 June 09 4:54 pm
My sis' has finally;
after years of research

, navel gazing

and building up confidence

, gone online.
www.r-o-p-e. com.au (
edited by ideology as this website appears to be infected with a trojan/virus - see discussion below)
This is
NOT an ad.
I just want some feedback from those in the community who have skills on how she can get better hits online, improve the site etc.
I tried to help by Googling and submitting the URL but ended up with a whole heap of Spam coming my way instead

.
Any suggestions would be much appreciated.
BTW: They are cachers and if you have done a blitz in the Noosa area then you probably have a few of her notches on your belt.
-
caughtatwork
- Posts: 16324
- Joined: 17 May 04 12:11 pm
- Location: Melbourne
-
Contact:
Post
by caughtatwork » 27 June 09 7:17 pm
That site triggered my virus detector for this:
JS:Redirector-H7 [Trj]
Enter at your own risk.
-
homedg
- 1550 or more caches found

- Posts: 798
- Joined: 24 February 06 3:15 pm
- Location: South West Sydney
Post
by homedg » 27 June 09 7:28 pm
caughtatwork wrote:That site triggered my virus detector for this:
JS:Redirector-H7 [Trj]
Enter at your own risk.
hey, C@W,
What does that mean?
It was developed by an external web designer Are they playing games?
Homedg (david)
-
Geof
- 450 or more roots tripped over

- Posts: 1232
- Joined: 10 August 04 12:26 pm
- Location: Yarra Ranges
Post
by Geof » 27 June 09 9:28 pm
Code: Select all
<meta name="author" content="Muahammad Ali" />
Huuu

-
tronador
- 5000 or more caches found

- Posts: 1547
- Joined: 04 November 05 10:18 pm
- Location: Lidcombe,Sydney, NSW
Post
by tronador » 27 June 09 9:35 pm
When I googled r-o-p-e all i got was places that sold rope.

-
caughtatwork
- Posts: 16324
- Joined: 17 May 04 12:11 pm
- Location: Melbourne
-
Contact:
Post
by caughtatwork » 27 June 09 9:40 pm
Look at the source code.
The line after this one:
head><script language=javascript><!--
That obfuscated javascript function is triggering a virus / trojan alert using Avast.
JS:Redirector-H7 [Trj]
I can't decode the obfuscation, but I would hazard a guess that it will redirect you to another site that will infect your machine.
Alternatively it's a false positive for valid code that appears to be a redirector. I can image no scenario that would require obfuscated javascript code like this so while it may be a false positive the fact that it's obfuscated is an indication of something not quite right.
Go back to the designer and ask if they put that in there. If the answer is yes, then it's OK, if the answer is NO then the site has been infected.
-
homedg
- 1550 or more caches found

- Posts: 798
- Joined: 24 February 06 3:15 pm
- Location: South West Sydney
Post
by homedg » 27 June 09 10:08 pm
caughtatwork wrote:Look at the source code.
The line after this one:
head><script language=javascript><!--
That obfuscated javascript function is triggering a virus / trojan alert using Avast.
JS:Redirector-H7 [Trj]
I can't decode the obfuscation, but I would hazard a guess that it will redirect you to another site that will infect your machine.
Alternatively it's a false positive for valid code that appears to be a redirector. I can image no scenario that would require obfuscated javascript code like this so while it may be a false positive the fact that it's obfuscated is an indication of something not quite right.
Go back to the designer and ask if they put that in there. If the answer is yes, then it's OK, if the answer is NO then the site has been infected.
i'm confused

but wanted to post an online THANX!
Will PM
-
ideology
- Posts: 2763
- Joined: 28 March 03 4:01 pm
- Location: Sydney
-
Contact:
Post
by ideology » 27 June 09 10:12 pm
oh dear, for a number of reasons
1. it looks like a form of the gumblar exploit
http://blog.unmaskparasites.com/2009/05 ... ed-script/
2. the choice of a URL with hyphens make it difficult for people to search for it. the search engines either treat the "-" as a boolean operator or ignore it
3. your sister's website will have a poor search engine ranking because it includes almost no searchable text on the home page. if you look at the page and select "view page source" you'll see what google sees, which is at best just the names of your products. no description, no comment about how to use them and no user comments or regularly updated content. perhaps your sister deliberately specified having a sparse homepage, but even so, the web designer should have counselled her strongly to put something more descriptive there.
-
homedg
- 1550 or more caches found

- Posts: 798
- Joined: 24 February 06 3:15 pm
- Location: South West Sydney
Post
by homedg » 27 June 09 10:18 pm
Quite the opposite, she was guided by the designer and she was very happy with the online look.
Similarly I was really proud of what she had achieved, at least I was until I posted this.
Will talk to my sister and hopefully she can get s**t in order.
Thanks again for all the advice.
Dave (homedg)
-
Fuddley
- 1950 or more caches found

- Posts: 360
- Joined: 17 February 08 6:22 am
- Location: Hastings NZ GPSr: Garmin Oregon 300 GPSr: Tom Tom XL one GPSr: Garmin Etrex Vista
-
Contact:
Post
by Fuddley » 27 June 09 10:20 pm
Does that mean that those of us that visited this site may have problems

-
homedg
- 1550 or more caches found

- Posts: 798
- Joined: 24 February 06 3:15 pm
- Location: South West Sydney
Post
by homedg » 27 June 09 10:45 pm
Fuddley wrote:Does that mean that those of us that visited this site may have problems

Fair question fuddley.
i am trying to contact her now to turn off the site "however that works" just in case.
Sorry guys...........
