Posted 11 December 2012 - 06:28 PM
We use a PageLines Pro website for our intranet at work. The intranet is restricted to our IP addresses. We use .htaccess to control access.
Recently, we noticed some funky things including redirecting of external links. Also, we are seeing certain words linked to external sites (these links have the double-underline). These links are opening in pop up windows and it is not our doing.
Here is a screenshot:
These problems are showing up on PCs (Macs are OK) using:
- Internet Explorer
- (Firefox seems to be fine)
I've changed all passwords including:
- Users to wordpress
- Web host
- FTP accounts
- SQL DB
- Eliminated anonymous FTP access
- All plugins
- Should I update Pagelines Pro?
After the above changes, some of the redirecting is gone (which is good), but we still have the double-underline links.
Please advise and note my level of programming requires step by step instructions.
Thank you in advance!
Posted 11 December 2012 - 06:32 PM
Deactivate all plugins, see if it still persists if not re-activate until you find the one causing it...
Could be the PC has a virus...
Do a view source on the page and paste the raw html toand i'll take a look.
Could be a toolbar, could be anything really.
Posted 11 December 2012 - 08:55 PM
Thank you Advocate. I think I've figured it out. We found some malicious browser add-ons including one called InfoAtoms which was very difficult to uninstall.
The other question is how they installed themselves on our PCs (so far 5 computers infected). I'm wondering if our intranet / wordpress / pagelines site spread the software?
Unfortunately, I can't post any page source info at this time. I need to have those requests approved. I've taken a look myself and everything seems in order. Anything I should look for in particular?
Posted 11 December 2012 - 08:58 PM
Wordpress or PageLines cannot install browser plugins. That was one of your employees
Posted 12 December 2012 - 07:48 PM Best Answer
We've begun uninstalling InfoAtoms and deleting registry keys.
Thank you for the input.