{"id":220,"date":"2013-02-14T16:27:56","date_gmt":"2013-02-14T16:27:56","guid":{"rendered":"http:\/\/www.websites4christians.com\/our-blog\/?p=220"},"modified":"2013-02-14T16:28:12","modified_gmt":"2013-02-14T16:28:12","slug":"virus-alert-gzpqrw-or-tiny-cc-or-tiny-or-similar","status":"publish","type":"post","link":"https:\/\/websites4christians.com\/our-blog\/virus-alert-gzpqrw-or-tiny-cc-or-tiny-or-similar.html","title":{"rendered":"Virus alert!!  : gzpqrw or tiny.cc or Tiny  or similar"},"content":{"rendered":"<p>Are you searching for stuff about a virus gzpqrw or tiny.cc or Tiny\u00a0 or similar, well you&#8217;re in the right place!<\/p>\n<p>I thought I&#8217;d explain today how to get rid of a virus that&#8217;s attacking Joomla 1.5 sites.<\/p>\n<p>Joomla is behind almost 3% of the sites on the web and a large proportion of them are Joomla 1.5.x sites.\u00a0 These can be easily exploited and a virus easily added.\u00a0 Today I&#8217;ll cover getting rid of one of the more difficult to find ones.<\/p>\n<p>This virus manifests itself as a page at the bottom of every page in your website.\u00a0 It&#8217;ll look something like this:<\/p>\n<p><a href=\"http:\/\/www.websites4christians.com\/our-blog\/virus-alert-gzpqrw-or-tiny-cc-or-tiny-or-similar.html\/virus-pic\" rel=\"attachment wp-att-221\"><img loading=\"lazy\" class=\"alignleft size-thumbnail wp-image-221\" alt=\"virus pic\" src=\"http:\/\/www.websites4christians.com\/our-blog\/wp-content\/uploads\/virus-pic-150x150.png\" width=\"150\" height=\"150\" \/><\/a>and it&#8217;ll appear directly under the page text but before the footer.<\/p>\n<p>What this virus does is get another page and adverts and download them into your website.\u00a0 It then places ads in the hope that people will click on them.<\/p>\n<p>Unlike many Joomla viruses this virus is not in an obvious to find place.\u00a0 Often a virus is placed in the index.php file either in the main index.php file or the template one.\u00a0 If you don&#8217;t know what that means don&#8217;t worry you don&#8217;t need to in order to be able to remove the virus!<\/p>\n<p>First you need to get yourself a plain text editor: use notepad++ or crimson both are good and free.\u00a0 Just google them and download and install.<\/p>\n<p>Next you need to be able to download one of the files that runs your website.\u00a0 You should be able to do this via ftp or through your hosting companies site.\u00a0 If you don&#8217;t know ask your hosting company &#8211; or drop me comment.<\/p>\n<p>Once you can access your files go to the httpdocs\/includes folder (might be called public_html\/includes or similar) and find the file application.php, download it and open it in your text editor.\u00a0 Save a copy of this file in case things go wrong.\u00a0 Now edit the original file and find the code that looks like this about line 121:<\/p>\n<pre><img loading=\"lazy\" class=\"aligncenter\" alt=\"\" src=\"http:\/\/www.WEBSITES4CHRISTIANS.COM\/our-blog\/wp-content\/uploads\/virus pic2.PNG\" width=\"639\" height=\"318\" \/>(note this is an image to make this difficult to copy)\r\n\r\nChange it to:\r\n\t\t$contents = JComponentHelper::renderComponent($component);\r\n\t\t$document-&gt;setBuffer($contents,'component');<\/pre>\n<p>Now save and upload the amended file.\u00a0 This should fix the problem.\u00a0 If you have problems please feel free to leave a comment and I&#8217;ll try to help you out.<\/p>\n<p>If you&#8217;ve been infected with this don&#8217;t worry your not alone.\u00a0 In a short search I found a ton of sites with this virus.<\/p>\n<p>Anyway hope this helps.<\/p>\n<p>&nbsp;<\/p>\n<p>Alan<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Are you searching for stuff about a virus gzpqrw or tiny.cc or Tiny\u00a0 or similar, well you&#8217;re in the right place! I thought I&#8217;d explain today how to get rid of a virus that&#8217;s attacking Joomla 1.5 sites. Joomla is behind almost 3% of the sites on the web and a large proportion of them [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[7],"_links":{"self":[{"href":"https:\/\/websites4christians.com\/our-blog\/wp-json\/wp\/v2\/posts\/220"}],"collection":[{"href":"https:\/\/websites4christians.com\/our-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/websites4christians.com\/our-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/websites4christians.com\/our-blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/websites4christians.com\/our-blog\/wp-json\/wp\/v2\/comments?post=220"}],"version-history":[{"count":3,"href":"https:\/\/websites4christians.com\/our-blog\/wp-json\/wp\/v2\/posts\/220\/revisions"}],"predecessor-version":[{"id":226,"href":"https:\/\/websites4christians.com\/our-blog\/wp-json\/wp\/v2\/posts\/220\/revisions\/226"}],"wp:attachment":[{"href":"https:\/\/websites4christians.com\/our-blog\/wp-json\/wp\/v2\/media?parent=220"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/websites4christians.com\/our-blog\/wp-json\/wp\/v2\/categories?post=220"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/websites4christians.com\/our-blog\/wp-json\/wp\/v2\/tags?post=220"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}