This past Sunday, we found iframe virus on our main website, webguru-co.com.  Within a few hours, our site, which runs on Joomla, was up and running without any issues.  I will break down what happened, so that you may too be able to resolve the issue quickly if you should encounter the same issue.

It Wasn't Obvious We Had iFrame Virus

At first, it wasn't that obvious we had iframe virus issue.  On Sunday morning Ulaanbaatar time, our webguru-co.com site was down.  The error read something like this: "Parse error: syntax error, unexpected '/' in..."  We had one of our web masters take a look.  He thought that it was funny that there is an extra slash in the coding on index.php.  He took it out and the site was up and running again.  Only... however, the site went down again within 5 or 10 minutes.  The error now read something like "Parse error: syntax error, unexpected '<' in".  Now, we knew something was most definitely wrong.  We decided to check if there were any viruses.

From experience, we knew that this could be an iframe virus because these were becoming more popular and frequent in 2009.  I had read an article about increased number of such virus incidents.  Additionally, I know about the virus due to one of my friends who had his website attacked by the virus.

How We Confirmed and Cleaned Up the iFrame Virus

I am sure there are many ways to test and find out the virus.  What we did is just one simple way to diagnose and fix the virus infection.  Without further dues, here are the steps that we took to test our files and to clean up the virus:

1. Scan your local drive with a good antivirus program that is up-to-date (Make sure to scan all of the computers that recently accessed the site)
2. We zipped all of our files and downloaded it on our local drive
3. We ran virus checks on all of the files
4. We found multiple instances of iframe virus (This is how we were able to confirm the identity of the culprit) and did repair, move to chest, and delete as necessary
5. We deleted all of our files (note: we are not touching our database during this process.  iframe viruses cannot and do not affect your database)
6. We installed a fresh copy of Joomla
7. We then copied over "cleaned" files from "images", "components", and "plugins"
8. Confirm that the site is running without any issues.

That was basically it.

Often, the whole idea of viruses, especially those that live on the internet can sound daunting, but it isn't that difficult to deal with as it may seem.  If you are not tech savvy yourself, all you need is your web designer or developer who has FTP access to your files to download, cure, and re-upload.

Please feel free to share your experiences with us.  Happy virus-free PC experience.  Cheers!!