XSS Virus Problem

[user1]

Hello, im writting here because very recently i had started getting virus alerts on my norton 360 whilst on the home page of my (recently updated) prestashop (english). I have updated to the latest version of prestashop, disabled the block with the sitemap etc and even changed the name of that module. I also did the bug fixes as per this thread: http://www.prestashop.com/forums/viewthread/78481/P15/security/solved_crosssite_scripting_attack_problem but the malicious code is still there. Can anyone help me?

This is the malicious code on the website:

</html><div style="display: block;overflow:hidden;width:0;height:0;left:0px;position:absolute;top:0px"><iframe id="seaid" src="about:blank"></iframe>

OR

http://pastebin.com/mwxnkYxC

[makaraci]

Hi pal,

- First download your all files from ftp to your pc using cpanel

- second, scan your folder with a reliable AV such as kaspersky

- Third,download and install Advanced Find and Replace .Then search iframe and delete malicious entries.

- Finally,change your ftp password.

In case your pc also infected, you had better to format and make a clean install .

Hope this helps.

Best regards

[ruby1058]

Cross-site scripting holes that attackers client-side web application vulnerabilities to bypass security systems in general by browsers.Primarily modern, XSS viruses are of two types, namely, permanent and non-permanent imposed to allow web content.