My site (kozpics.com) has been hacked three times in two months. Google warns me of script injections. I thought I had cleaned and asked google for another review; they say it's still infected.
Google webmaster tools tells me there was malicious content on 93 pages on the site. They are script injections (such as <script src="http://stigat67ionsfor.rr.nu/nl.php?p=d">). The injections are all different but they all from rr.nu.
I try to find the contamination; I view index.php, search for part of the script string, and find no results.
To clean it, I've cleared _data/templates_c and _data/combined files, re-installed software from the download copy of the same version (2.5.1), upgraded password to strong and unique, and deleted all ftp accounts from my account.
What else should I do? I want to save all the pics and data if possible.
Thanks / Kozmo
Offline
I don't understand why you oppenned a new topic... is the same subject
anyway I don't think there is anything else to do, just wait that google analyses your site again
Offline