Hi there!

Thank you for bringing this to our attention, and I sincerely apologize for the inconvenience caused.

To assist you more effectively, may I kindly request temporary administrative access to your site? This will allow me to thoroughly investigate and resolve the issue for you.

Before sharing the credentials, I strongly recommend taking a complete backup of your site to ensure all data remains secure.

Looking forward to your response.

Best regards

Dear Atick Eashrak Shuvo Hi, Thank you for your reply. Just to let you know that there are 45 websites. All of them has securitycheck PRO plugin. So in case u will have an issue, plsease send me your IP and i will add it to whitelist. Also I will need you to give me full and clear instructions what and how to do bcz as you understand - it is a huge work to do. Lets start from https://www.haviarasphilippoullc.com

Can i take a backup of your site?

Do you want me to send it to you? How? or u will do it your self?

If I may....

After analyzing the code, I must warn you, you have malware infection on your site (!) and yes, it could damage the template code (!)

It is a classic example of a webshell (a malicious script) used for remote file management on your server. If you found this among your files, it means your website has been compromised (!)

Examples (there are 3000+ more): plugins\system\helix3\ajax.php and plugins\ajax\ajax.php and root folder: ajax.php

This short script (from file) allows an attacker to upload any file to your server without logging into the admin panel or FTP. And if the attacker infected one site, and the whole rest of the sites are on the same server... he went from "door" to "door" (!) and knock-knock... that's why all sites are broken in the same way!

Michelle, Probably you didn't update Joomla with security updates, (I did it, a moment ago!, but it was your duty, any extension will not help if you don't update CMS or plugins.

I’m afraid you’ll have your hands full for the next few hours (days). Unfortunately, hacks are common, regardless of the CMS or security measures used. Any of us is (or could be) a target for cybercriminals (hackers), or more specifically, their bots, which do the 'dirty work' for them. I shared basic info what you should do. I done cleaning many times, so I know how painful it's. Even I written whole book about that topic in the past.

No honest person would say being a webmaster is always easy. Unfortunately, negligence always comes at a price.

Dear Paul, Thank you for your support. We are cheking with our server, and in case we will need your support. We will contact u again. Regards, michelle

Remember that without Site separation, even if you fix one site today, somebody may come back tomorrow from different one and broke first one again ! I also had that case a month ago, but I was able to stop him after using few tricks.