Jump to content

Server error 5xx, (My hosting provider says your website is infected with "JS/Agent.OZD")


Recommended Posts

Posted

Hi experts, I am very new to coding and I get "server error 5xx" problem, FIRST DETECTED 4/2/22. I contacted my hosting they say it is "JS/Agent.OZD" malware. I would like to explain it from beginnig.My website was first infected with "Japanese kw hack" in which my number of pages reached to 67,000+, I contacted my hosting and upon restoration to previous backupmy website restored to normal. But the GSC showing the same spike of pages. One of expert from GSC says that it will take time to be removed from GSC but now it is the about 5th month and the problem persists.Could you please help me for free to remove this error? 

  • Administrators
Posted

Do you need help with locating the malicious JS on your website? If so, what's your website?

Posted

I need all the steps. To locate the malicious JS on my website and then to fix it step by step. 

healthsolutionblog.com, this is my website. I am attaching GSC SS.

Thanks

5xx.png

5xx2.png

  • Administrators
Posted

What is your website? Its name is cut in the above screenshots.

Posted (edited)

You have bunch of .js files infected on the server. Like this one:
.../wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

At the end of infected .js you can find malicious part. Manually cleaning those files wont probably help, there will be infected .php on your server that looks completely different (and its not visible from visitors POV).

Moreover err 5xx isnt directly connected to this infection. It was probably caused by some wannabe hacker who got access to your server for free and messed things up (ie via exploitable wp plugin). You need much more than help from this forum :)

 

Edited by Nevermind
Posted

MARCOS

www.healthsolutionblog.com

this is my website.

Posted (edited)

@Marcos, can you tell me the detailed process of removing this malware? I am new but can dig to theme editor.

Edited by zaidharis
  • Administrators
Posted

If you can't remove the malware yourself, you can contact a website cleaning and monitoring service, such as www.sucuri.net.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...