Author Topic: Code injection HELP!!!  (Read 3817 times)


  • Beginner
  • *
  • Posts: 16
Code injection HELP!!!
« on: September 09, 2012, 19:30:18 pm »
I'm having much problems with a code injections on virtuemart and the site is temp "banned" by google.
I run joomla 1.5.26 and virtuemart 1.1.9

the site is

I test it in webmaster tools and give me some code injections on some files of the virtuemart default theme.

How ca i stop this? Anybody can help me?



  • Contributing Developer
  • Full Member
  • *
  • Posts: 872
    • Squangle ltd
Re: Code injection HELP!!!
« Reply #1 on: September 10, 2012, 14:48:54 pm »
need examples. I have not heard of google banning sites due to code injection
614869 products in 747 categories with 15749 products in 1 category.
                                             Document Complete   Fully Loaded
                Load Time First Byte Start Render   Time      Requests      Time      Requests
First View     2.470s     0.635s     1.276s          2.470s       31            2.470s      31
Repeat View  1.064s     0.561s     1.100s          1.064s       4             1.221s       4


  • Beginner
  • *
  • Posts: 29
  • There's no Knowledge that's no Power
Re: Code injection HELP!!!
« Reply #2 on: October 08, 2012, 11:12:57 am »

I think you mean JS malware codes which infects javascript files and forces the end user to instal malicious software.

Many things could cause this, Vulnerable Server/OS , or extensions , misconfiguration , etc. AND it may be or(IMHO) may not be related to the Virtuemart.

The best thing you can do is a restoration of your files (because it could be more than just a js code injection). changing every password for your server (ftp/db,etc....).

Or you can at least scan your javascript files which are infected (use view source and open every .js file loaded in the page ) look for suspicious(encrypted) code (most of times in the end of file most of time between /* A RANDOM NUMBER */ SOME MALICOUS ENCRYPTED CODE  /* THE SAME RANDOM CODE*/

Alternatively you can scan your site using:

and clean them or replace by original files.

After that you can just request a review in Google Webmaster Tools and most of time if you clean your site google will review it in less than 24 hours and everything would be fine. EXCEPT: you should find which vulnerability caused your site to be js injected!

and there is no "A QUICK WAY TO SECURE MY SITE in 24 HOURS" out there , But :Joomla Security Checklist is a good start.



  • Beginner
  • *
  • Posts: 3
Re: Code injection HELP!!!
« Reply #3 on: October 22, 2012, 13:00:13 pm »
your website security might have been compromised by multiple things, but what was overlooked in the previous post was brute force attacks. They are applied in order to break into your site by finding your login credentials. It means, the whole dictionary database can be run in order to find a match. So, if you're using simple username or password, you can have your site hacked easily. You may have a look at this post with some more info on security and preventing hacking attacks.
I believe, security is too serious issue to be taken easily.