Prestashop - malware

[japanknife]

Hi

 

We are doing a copy of our files with ftp, but when we download we received a message from our local antivirus:

 

Example:

 

\themes\default-bootstrap\css\dump11.php  - PHP/Agent.HQ Troyano

\override\classes\shop\admin.php.suspected - PHP/Small.NBK Troyano

\modules\ebay\classes\EbayShipping.php - PHP/Agent.HQ Troyano

\modules\socialsharing\javascript.php - PHP/Kryptik.BC Troyano

 

Are they malware or infected files?  Or maybe is our local antivirus that is confusing the files?

 

If they are malware / virus what is the solution?  Replace the files for a clean Prestashop version (same version) , contact our hosting to clean it?

 

Any idea or help will be very appreciated 

 

 

[NemoPS]

Malwares I would say. apart from ebay which I do not know, the others are certainly not core of PrestaShop

[Soyons Solidaire]

Hello , Contact your hosting provider , Avoid installing modules that do not come from serious people.. !!

[japanknife]

I didn't install modules, it is a default prestashop shop with the default theme.   The list is longer, about  34 files.

 

Can I replace them from a clean file ( same name and same directory ) ?

[Soyons Solidaire]

I didn't install modules, it is a default prestashop shop with the default theme.   The list is longer, about  34 files.

 

Can I replace them from a clean file ( same name and same directory ) ?

 

Yes you can you have , Have you modify your themes of yes you lose ? contact your host call ? Your prestashop you download it on the official website..?

Edited April 5, 2017 by Soyons zen (see edit history)

[japanknife]

Yes, I have contacted our hosting and I am waiting his answer.

 

When you say  "Yes", it means than I can replace the files from a clean files (original)?

Edited April 5, 2017 by japanknife (see edit history)

[Soyons Solidaire]

Oui, je l'ai contacté notre hébergement et j'attends sa réponse.

 

Quand vous dites « oui », cela signifie que je peux remplacer les fichiers à partir d'un fichier propres (d'origine)?

 

Yes, you can replace your themes without problems. Warning If you have modified themes, you will lose all changes

 

 

FR . Oui, vous pouvez remplacer votre thèmes sans problème. Avertissement Si vous avez modifié le thèmes, vous allez perdre toutes les modifications

Edited April 5, 2017 by Soyons zen (see edit history)

[japanknife]

Thank you very much for your help !!!

[Soyons Solidaire]

Download your prestashop on the official website

[jetway]

As mentioned below always download software from its original developer. If you're running the lastest version of perstashop and downloaded it from prestashop.com such files would not exist. I know this is a repeat but its always important to keep your installation safe. Installing software from suspicious sources makes you vulnerable and gaining trust back from customers is very difficult.

 

 

 

 

Download your prestashop on the official website

 

[vekia]

problems with malware usually are related to modules that have security holes.

if you use non-default modules, its worth to check if there are an updates of these addons.

recently many developers had to release improvements because community found many security holes