ActiveX Popup Shows Up on Access of Dashboard, etc.

  • With sites I have using WP with one host, I’m intermittently (half the time) getting an ActiveX popup. Others also tell me that thery’re getting a trojan warning from Norton when they access the sites (not every time).

    I’m a real dummy when it comes to this stuff, and contacted the host who sent me this:

    “I couldn’t duplicate the error at my end but I tried to search on net for the issue and found that the error could occur due to vulnerability in wordpress or a plugin installed. Can you please check if all the files are up-to-date? Even latest version can have bugs in it so you may want to contact the wordpress support for the same.”

    So, that’s what I’m doing. A shot in the dark. This only occurs with sites on this particular host. No problem with the two other hosts I use.

    Any advice that I can understand? Should I consider moving to another host? That also raises the question whether there are hosts that a preferred for WordPress.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter potentmix

    (@potentmix)

    Anyone have any input on this? Friends are telling me that their anti-virus programs are picking up trojan threats on all my sites with this host.

    Thread Starter potentmix

    (@potentmix)

    Is there no support available through WordPress for something like this. I now have some info on the trojan which I got from my anti-virus log as follows:

    Details:

    This malicious JavaScript (JS) may be downloaded from remote site(s) by other malware. It may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web site(s).

    It accesses the following Web site to download a malicious file:

    https://bds.{BLOCKED}.fr/ssp/index.php?a=3&c=3 – detected by Trend Micro as TROJ_PAKES.SN.
    It saves the downloaded file as C:\Documents and Settings\{User Name}\tmpms45.exe.

    It then executes the downloaded file(s). As a result, malicious routines of the downloaded Trojan are exhibited on the affected system.

    Has anyone had trojan attempts made by TROJ_PAKES.SN? I can’t even use my dashboard because of the Activex popup every time I try.

    I sure would appreciate any help.

    Can you use ftp to check your WordPress files on the host for new or unknown files?

    I would think the fact you are getting it in wp-login.php might be a clue as to where it is.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘ActiveX Popup Shows Up on Access of Dashboard, etc.’ is closed to new replies.

Tags