All index.html files infected

Forums    Joomla Templates Club    JA Teline II    All index.html files infected
Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • juremmm Friend
    May 28, 2011 at 10:24 am #164545

    Hi,

    the googlebot has discovered that my webpage is infected with a code:

    <img heigth=”1″ width=”1″ border=”0″ src=”http://imgaaa.net/t.php?id=9154642″>

    it appears at the end of each html – and there are hundreds of html files on the web page. I am removing this code manually. Is there any more elegant way to remove that code from all index.html files?

    TIA

    mayuri_g Friend
    May 31, 2011 at 12:30 pm #393858

    Image source you provided is causing Reported Attack Page! so 1st check with proper url…

    if still not working then let me know.

    Which Image you are wanting to display? and on which page?

    juremmm Friend
    May 31, 2011 at 12:58 pm #393866

    <em>@mayuri_g 243840 wrote:</em><blockquote>Image source you provided is causing Reported Attack Page! so 1st check with proper url…

    if still not working then let me know.

    Which Image you are wanting to display? and on which page?</blockquote>

    That piece of code is causing a problem! Namely in all Index.html files on my web page there has been this code written in by a virus. I do not want any image to display, I would like to erase this code (<img heigth=”1″ width=”1″ border=”0″ src=”http://imgaaa.net/t.php?id=9154642″>) to be deleted from all Index.html files.

    Any idea how?

    mayuri_g Friend
    May 31, 2011 at 1:04 pm #393868

    can you send me url of your site and admin details on http://support.joomlart.com/index.php?/Tickets/Ticket/View/73565

    Phill Moderator
    May 31, 2011 at 1:48 pm #393878

    Sorry, but you will have to work through the files carefully finding the ones with the problem. It gets more difficult than that in fact, you will also need to scan your database for any entries that the hackers may have left behind and any files elsewhere the hackers may have dumped on your system. Not a simple task.

    If you are on a linux server and are good with linux then you could use the logs to see exactly what has been attacked.

    Or if you have a backup from before the attack you could restore to this.

    I am guessing that some of your components or your Joomla install were not up to date hence the attack. Sorry to be the bearer of all the doom, you have your work cut out.

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)

This topic contains 5 replies, has 3 voices, and was last updated by  Phill 13 years, 5 months ago.

We moved to new unified forum. Please post all new support queries in our New Forum

Important Notice :

New Unified Portal is live

Must Read

Jump to forum

Categories