Jump to content

[RISOLTO] html:ImgHack-A [Trj] trojan


Recommended Posts

thanks mike


this is my website wwwDOTxxxxxxxxxDOTit


I deleted all my website files and I droped my sql database to try cancel the issue, but that did not solve the problem


Ho cancellato tutti i files del mio sito e tutte le tabelle del database, ma questo non ha risolto il problema.

Link to comment
Share on other sites

Without the site being up I can't work with a developer to try to identify the issue, but like I said earlier, this does not sound like any sort of issue specific to PrestaShop. My guess is, having seen this sort of problem before, someone has gained access to your site via FTP and has installed some sort of script in one of the directories.


Before you do anything else, please be sure to change your FTP password, as this appears to be the likely culprit when it comes to identifying the vulnerability.


Beyond that, there's not much I can recommend, but that should at least secure your site from future attacks, and you can ask your hosting provider to help you identify what has been done to your site.



Link to comment
Share on other sites

Hi Mike

thanks for the answer


I removed all files from my host looking for the issue, I found the trojan in a folder on the root of my host, and I think this is a problem of my provider. NOT in the PS folders.

The folder called ERROR and it had index.php files inside the folders 401, 402, 403, 404, I found many rows at the end of those files (after </html>) like these:




I cancelled these rows from every files and the issue looks fixed, this issue was reported just from Avast antivirus, others antivirus don't show to recognize the problem.


Please if you want have a look to my website (www xxxxxxxxxxx dot it ) is now online and it works good, report to me if you will find some security issue


thank you for your time and interest

Best regards

Link to comment
Share on other sites

Everything looks good to me on my end now. Even though it wasn't a PrestaShop issue, I'm glad you were able to resolve this! There's nothing worse than having your website compromised, you may want to be sure to notify your hosting provider so that they can look into this on their end as well. I will go ahead and mark this thread as solved for you. Happy selling!



Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...