Jump to content

HTML/ScrInject.B trojan report in website by ESET


Go to solution Solved by garywang,

Recommended Posts

Hello 

Recently I got some reports by our site users that ESET is blocking there access to our website.

I use beyond compare to compare website scripts with local scripts, it is totally same.

The site was scanned with different websites and there are not showing any of those issues.

 

HTML/ScrInject.B trojan

Blocked address (maybe):

hxxp://www.mynoteskeeper.com/
hxxp://www.mynoteskeeper.com/.well-known

 

the .well-known contain  a acme-challenge folder and no any file.

 

How can we solve this issues ?

Link to comment
Share on other sites

Thanks your reply, I pause ESET protection and find this script.

But I search my website and not found this script code, how to find and remove it?

z1kIyYeZf2.png

Link to comment
Share on other sites

  • Administrators

It appears that the script is served when 403 is returned by the server. Note that it's compressed with gzip so you can't find by searching for the link:

image.png

image.png

Link to comment
Share on other sites

  • Solution

wow! thanks very much for your help.

I found any address return 403 or 404, it has the same problem in response.

I change .htaccess these line can avoid it

ErrorDocument 403 /err/403.htm
ErrorDocument 404 /err/404.htm

But I still no way to solve it completely.

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...