Well sadly , Warning: Visiting this site may harm your computer! The website at Jocuri Masini contains elements from the site internetcountercheck.com, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer. For detailed information about the problems with these elements, visit the Google Safe Browsing diagnostic page for internetcountercheck.com. Learn more about how to protect yourself from harmful software online. I understand that visiting this site may harm my computer. Damn i quote again, "Just visiting a site that contains malware can infect your computer." How can i get rid of this Iframe viruses for good?
Remove the counter from your page and maybe all third party advertising. Then change your control panel password just in case. Then remove the frames from the pages the hard way (manually). Just open each page in notepad2 or the like seach for (cntrl F) and cut out the frames. Then upload the files to the server. Now it is possible that the server has been hacked and they will come back but that is not usually the case.
Hello guys, I've created a PHP virus removal. Just put to the root (or any other folder). It scans all subfolders for infected php and html files. If a file is infected, the added iframe code is remove and the healed file is saved. The code is messy but it works. Regards, Martin ----------------------------------------------- <?php Set_Time_Limit(0); function getDirectory( $path = '.', $level = 0 ){ $ignore = array( 'cgi-bin', '.', '..' ); // Directories to ignore when listing output. Many hosts // will deny PHP access to the cgi-bin. $dh = @opendir( $path ); // Open the directory to the handle $dh while( false !== ( $file = readdir( $dh ) ) ){ // Loop through the directory if( !in_array( $file, $ignore ) ){ // Check that this file is not to be ignored $spaces = str_repeat( ' ', ( $level * 8 ) ); // Just to add spacing to the list, to better // show the directory tree. if( is_dir( "$path/$file" ) ){ // Its a directory, so we need to keep reading down... echo "<strong>$spaces $file</strong><br />"; getDirectory( "$path/$file", ($level+1) ); // Re-call this same function but on a new directory. // this is what makes function recursive. } else { if ( substr($file,-3) == "php") { if ( ($content = file_get_contents("$path/$file")) != false) { $new_content = preg_replace("/echo \"<iframe src=..http:\/\/internetcountercheck.com\/\?click=\d+.. width=1 height=1 style=..visibility:hidden;position:absolute..><\/iframe>\";/mi", "", $content); if ( strlen($new_content) != strlen($content)) { // Write the contents back to the file if ( file_put_contents("$path/$file", $new_content) == false) die("Failed to fix file ".$path.'/'.$file); echo $spaces.'<span style="color:red">'.$path.'/'.$file.'</span><br />'; //Die(); } } } elseif ( substr($file,-3) == "htm" || substr($file,-4) == "html") { if ( ($content = file_get_contents("$path/$file")) != false) { $new_content = preg_replace("/<iframe src=.http:\/\/internetcountercheck.com\/\?click=\d+. width=1 height=1 style=.visibility:hidden;position:absolute.><\/iframe>/mi", "", $content); if ( strlen($new_content) != strlen($content)) { // Write the contents back to the file if ( file_put_contents("$path/$file", $new_content) == false) die("Failed to fix file ".$path.'/'.$file); echo $spaces.'<span style="color:red">'.$path.'/'.$file.'</span><br />'; //Die(); } } } // Just print out the filename } } } closedir( $dh ); // Close the directory handle } getDirectory( "." ); ?>
Wow Martin that's really awesome. Thanks for sharing this code with all of us here. Even I had a hard time getting rid of that virus in my website for good. Even if that was sometime ago, it did cause some serious problems for the site. Just wondering, are you eleslash, do you have a web host? I mean, doesn't web hosts help us with this kinds of technical problems?
They do but it depends on every web host. instantfreesite.com offers support and they even have regular backups for their clients. It even has community forums with a lot of members whom you can interact with regarding such things if you want.
@martin123 @giuseph90 hey guys, regarding ur php virus removal file martin, if i copy and paste the code into notepad and save the file as something like virus-scan.php, do i then just place the file in the root of my website and do nothing else?