ScooterCk Posted December 2, 2014 Share Posted December 2, 2014 (edited) My website has been hacked and is infected. www.zipmobiles.co.uk The site is running on Prestashop v1.6 software, I have contacted Google's webmaster forum, they contacted me and asked me to run the below link, this pulls back the same infection as the virus killer is warning about. I don't know where the infection is located though to edit it out of the site. The link starts at the index.php files, but without knowing coding I don't know where or what file this infection is based. PLEASE HELP ME before my site is blacklisted The below link was emailed from Google's webmaster forum help section, I hope this makes sense to somebody on here and you can explain where the problem is located on my website Link sent from Google webmaster forum http://aw-snap.info/file-viewer/?tgt=http://www.zipmobiles.co.uk/index.php/hkv-sustainability/corporate-sustainability&ref_sel=none&ua_sel=gbot2&fs=0 Please Help Scooterck Edited December 2, 2014 by ScooterCk (see edit history) Link to comment Share on other sites More sharing options...
El Patron Posted December 2, 2014 Share Posted December 2, 2014 (edited) first change all ftp passwords, make sure you have up to date virus protection on your local computer using ftp downlaod to your computer shop files (here we expect to catch the virus/trojan) typically the infect/inject a .js file...but to get bad file: (to replace files of native ps)...download your version from PS and unpack (to replace files of theme) get original source of your downlaoded theme. note : folder 755 files 644 (is best permissions) also at time of this writing, popular module Attributes Wizard Pro had vulnerability, dev has fix. also after one fixes and wants to sleep better at night see my work here: https://www.prestashop.com/forums/topic/303132-module-prestavault-malware-trojan-virus-protection/ Edited July 10, 2016 by El Patron (see edit history) Link to comment Share on other sites More sharing options...
ScooterCk Posted December 3, 2014 Author Share Posted December 3, 2014 i don't know where the injected code is sitting on my domain and embedded in the prestashop code. Here is the report again, can anybody identify the file I need to delete the inject code from please ?? http://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Fwww.zipmobiles.co.uk&ref_sel=Google&ua_sel=ie9&fs=1 Thank you Link to comment Share on other sites More sharing options...
Recommended Posts