5 Ways to Remove iframe Trojan from WordPress Blog
Blogs have quickly become popular all over the world and with more and more people blogging all around the world; WordPress has become popular within a span of just five years in the world of internet blogging. The reason why WordPress has achieved so much success within such a short period of time is its graphical interface that allows users to go beyond basic blogging and add extra tools to make their blog page better. However, with popularity comes a lot of challenges and many WordPress bloggers are facing the problems of iframe Trojan which is a malware that connects the browser with other website without users consent. In fact, I was one of the victim and it is my obligation to help other blogger to find the best solution for this threat.
If not because Huggingthecoast from Stumbleupon reminding me about this threat, I will never realize that iframe trojan was already inside my blog. Then, I searched for the iframe removal solution from Google Search (tips from other bloggers) but only found useless or hard-to-follow instructions. I was really desperate for quick solution. Then, I went to DigitalPoint forum and searched the answer from there. Luckily I managed to find perfect thread and make a contact with the right guy at the right time. He helped me to identify the malicious iframe code in my blog using jsunpack. Following is the iframe malware example that has been decoded from my website using the software. Oh before I forget, you cannot find iframe code easily because they are usually hide under some weird coding.
Click to Enlarge :O
Once you know the bad iframe code, it is time for you to find the code inside your wordpress template (usually at index.php or footer.php). Once you found the code, just DELETE the code and save the template. DONE! Repeat the step if more iframe code found on your blog. However, this is not the end of the story. You must also identify the root cause of your iframe problem. For my case, the root cause of my problem was my infected office desktop/PC. So I just run all-out effort to clean up my PC from all type of malicious trojans and malwares. Following are some other tips.
1. One of the best ways to be immune from iframe Trojan is to constantly scan your computer for infections. Most of the regular anti-virus softwares are unable to detect this piece of code but there are few anti-virus types of software that can immediately detect this Trojan in your system so that you can wipe it out. Example: Avast Virus Scanner (special for online blogs).
2. Another way to remove iframe trojan from your WordPress blog is by removing the unwanted themes and plug-in files that you are currently not using on your WordPress blog. This iframe trojan gets attached to your WordPress plug-in so better if you remove the unwanted ones which might be infected.
3. If you are not able to find the file through your anti virus software, than try finding the file manually in the task manager. You can search for the file nameTrojan.JS.iframe.ef and than delete it manually and restart your computer.
4. If you feel that your current blog is infected with iframe trojan than you can change the themes and pictures in your blog and delete the earlier theme files that would be infected.
5. You can even try changing the password of your account and than immediately scan for the iframe trojan through your antivirus software.
You might have other tips and recommendation on how to avoid or remove iframe trojan from wordpress blog. Please leave a comment. If you have more question, I suggest you to direct message this guy at DigitalPoint Forum Nikb. Thank you.