rjbush Posted October 13, 2014 Share Posted October 13, 2014 I was just doing a backup of my site to my office computer. I am using version 1.6, running the default theme and no custom add-ons. While downloading the Prestashop folder I was alerted by Kaspersky Antivirus that I had downloaded 3 Trojan Downloaders.JS.Agent.hbs from the presta\cache\smarty\compile folder. First question, is can I simply delete that file, or should I delete all the files in that folder. Secondly how does this malware get into my site and what steps can I take to prohibit this from happening again? I am not particularly good with many of the things in Prestashop, so please keep it simple as you can. Thanks R Bush Link to comment Share on other sites More sharing options...
El Patron Posted October 13, 2014 Share Posted October 13, 2014 change ftp password check that you folders 755 and files 644 (typical of most hosting) if you delete rogue file, it most likely will be reloaded because other part hacked back office-->advanced parms-->configuation (this will detail changed files from base install). when you get it all cleaned up, check out module PrestaVault. which will email you when there are file or permission changes with one click restore of file from protected vault. Link to comment Share on other sites More sharing options...
Recommended Posts