I'm under attack!!!


Zen Bezier
01-01-2006, 11:24 PM
I'm a rank amateur and believe I'm experiencing my first malicious script. It's only visible through my HTML validator and it disappears when I view the source code in any other fashion. It's wrecked my animation as well as the other scripts I had going on my site. When I FTP the siteroot to my desktop it's clean but the minute it's uploaded to my server it's jacked... What the hell am I supposed to do about this? How has my host let this happen??? Any info at all would be helpful. I was able to print the entire script if anyone needs to see it but I didn't want to post it not knowing exactly what it was... :mad:

TheBearMay
01-02-2006, 07:42 AM
Actually sounds like something your host is adding. Many "free" or discount hosting companies add script to display ads to finance the service. If you'll post a small snippet of the offending code I'm sure someone here could probably identify its source.

juicemousezero
01-02-2006, 09:49 AM
I think it sounds like an automated ad script, too. Who's your host? And are you paying them anything for hosting?

Zen Bezier
01-02-2006, 03:31 PM
Thanks for the interest. On a Mac in school this morning I was able to view what's left of my site (splash page, that's about it as I took the rest down) and it appeared normal. Now here at home I've got the same old problem. The following script appears when checking the alert in the Firefox validator:

<script language='javascript' src='http://127.0.0.1:1033/js.cgi?pca&r=7285'></script>

The following is found outside my closing html tag:

<script language='javascript'>postamble();</script>

If you follow the src of the first script you'll find:

var blockedReferrer = 'blockedReferrer';
NS_ActualWrite=document.write;
// Popup Blocker -->
RanPostamble=0;
NS_ActualOpen=window.open;
function NS_NullWindow(){this.window;}
function nullDoc() {
this.open = NS_NullWindow;
this.write = NS_NullWindow;
this.close = NS_NullWindow;
}
function NS_NewOpen (url,nam,atr){
if((nam!='' && nam==window.name) || nam=='_top'){
return(NS_ActualOpen(url,nam,atr));}
obj=new NS_NullWindow();
obj.focus = NS_NullWindow;
obj.blur = NS_NullWindow;
obj.opener = this.window;
obj.document = new nullDoc();
return(obj);
}

Let me know if you'd like to see more.

Thanks so much!!!

Zen Bezier
01-02-2006, 03:39 PM
Thanks for the interest! I'm using Hostgator and have the "Baby Croc" package. I basically picked them on the recommendation of a teacher. This is my first outing onto the www so I really didn't ask too many other questions. Any light you can shed sure would be appreciated. I'm running virus/spyware scans on everything I own right now just to try and do SOMETHING but I'm not sure it's the answer...

Thanks!

TheBearMay
01-02-2006, 05:50 PM
127.0.0.1 is the local machine by definition.
Port 1033 is used by Microsoft's Authentication Services, and is generally listed as a general local netinfo port. Could also be used by a spyware/virus checker. Norton's internet security has been known to add scripts also.

cafrow
01-02-2006, 05:54 PM
I used to have Hostgator and had no problems with them in the past, so I am pretty sure it's not them. If someone here cannot help you, try calling Hostgator and find out what's going on.

Zen Bezier
01-02-2006, 07:55 PM
I used to have Hostgator and had no problems with them in the past, so I am pretty sure it's not them. If someone here cannot help you, try calling Hostgator and find out what's going on.

I've called them like 15 times in the last two days and the line's been busy. Not exactly instilling confidence... :confused:

ccoder
01-03-2006, 09:01 AM
The preamble and postamble look familiar. Are you by any chance running ZoneAlarm on your client pc?

webstuff
01-03-2006, 10:23 AM
Firewall software inserts this type of code.

If the host has added in adverts, your firewall may be blocking them due to activity or security issues which have caused your firewall to stop this activity.

Alter your firewall policy to allow all adverts like banner ads, images, etc. or add your host to your 'trusted' list.

Zen Bezier
01-03-2006, 07:43 PM
The preamble and postamble look familiar. Are you by any chance running ZoneAlarm on your client pc?

Hey,

Yes indeed I am... As it turned out I didn't even consider the fact that I just installed the latest ZA Security Suite when the problem started. Duh! It was my security settings jankin' me up the whole time!!! (Hmm... Should I even be handling a computer? Maybe if I talk louder into the mouse...) Anyway, thanks to all that tried to help. Sometimes stupidity just has to run its own course!

Cheers!

Zen Bezier
01-03-2006, 07:51 PM
Firewall software inserts this type of code.

If the host has added in adverts, your firewall may be blocking them due to activity or security issues which have caused your firewall to stop this activity.

Alter your firewall policy to allow all adverts like banner ads, images, etc. or add your host to your 'trusted' list.

Yo,

What I had to do was go into the program control, select my browsers from the list and disable "privacy" and "parental controls". Not really sure of the actual consequences of this action but it cleared up my graphic issues and validated my code in FF. Guess I'm paranoid 'cause the minute something goes wrong with anything technological I'm ready to yell Bug! Virus! Hacker! Malicious Javascript! It couldn't be my own ignorance causing all this!!!

Thanks for your interest!

Zen Bezier
01-03-2006, 07:56 PM
I used to have Hostgator and had no problems with them in the past, so I am pretty sure it's not them. If someone here cannot help you, try calling Hostgator and find out what's going on.

I never did get them on the phone but they responded immediately to e-mail... While they couldn't identify the problem exactly they at least were able to eliminate themselves as a factor in any of this.

Thanks again!
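
The diagnosis this thread arrived at (script tags pointing at 127.0.0.1 are added on the visitor's own machine, not on the server), as an added example that is not part of any post: it compares the uploaded file with the HTML the browser received and labels each extra script tag by where its code is loaded from. The page contents, `example.test` and the function names are constructed for illustration; the two injected tags are the ones quoted in the thread.

```javascript
// Added example: triage script tags that appear only in the browser's copy of a page.
// The injected tags are those quoted in the thread; everything else is constructed.
const LOOPBACK = /^(localhost|127(\.\d{1,3}){3}|\[::1\])$/i;

// Extract every <script ...>...</script> element as {src, inline}.
function scriptTags(html) {
  const tags = [];
  const re = /<script\b([^>]*)>([\s\S]*?)<\/script>/gi;
  let m;
  while ((m = re.exec(html)) !== null) {
    const src = /(?:^|\s)src\s*=\s*(['"])(.*?)\1/i.exec(m[1]);
    tags.push({ src: src ? src[2] : null, inline: m[2].trim() });
  }
  return tags;
}

// Where does a tag's code come from? Relative URLs resolve against the page URL.
function origin(tag, pageUrl) {
  if (!tag.src) return 'inline';
  let host;
  try { host = new URL(tag.src, pageUrl).hostname; } catch { return 'unparseable'; }
  if (LOOPBACK.test(host)) return 'loopback'; // served by software on the viewing machine
  return host === new URL(pageUrl).hostname ? 'same-site' : 'third-party';
}

// Tags present in the browser's copy but absent from the file that was uploaded.
function injectedTags(uploaded, received, pageUrl) {
  const known = new Set(scriptTags(uploaded).map(t => JSON.stringify(t)));
  return scriptTags(received)
    .filter(t => !known.has(JSON.stringify(t)))
    .map(t => ({ ...t, origin: origin(t, pageUrl) }));
}

// Constructed sample: the file as uploaded, and the same page as saved from the browser.
const uploaded = `<html><head><script src="/js/menu.js"></script></head>
<body><p>Splash page</p></body></html>`;
const received = `<html><head>
<script language='javascript' src='http://127.0.0.1:1033/js.cgi?pca&r=7285'></script>
<script src="/js/menu.js"></script></head>
<body><p>Splash page</p></body></html>
<script language='javascript'>postamble();</script>`;

const findings = injectedTags(uploaded, received, 'http://example.test/index.html');
console.log(findings);
```

A `loopback` origin means the tag was added by something running on the machine that received the page (a local filtering proxy or security suite); a `third-party` origin on an extra tag is the case that points back at the host or at the site itself.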