Hi, first I want to apologize if I might be posting this in the wrong topic. Feel free to move this anywhere it is necessary.

I have an advanced forum with fckeditor enabled... Lately one user always produces this code <div id="refHTML">. At first it had this too <input onclick="jsCall();" id="jsProxy" type="hidden" />, and lately it's just that all his posts have <div id="refHTML">. I'm just getting suspicious if this is a virus or what? I researched and found a forum on Joomla about this script problem too, asking if it's a virus.

Please advise if it's just code coming from MS Word, because I know pasting from MS Word produces other codes...

Thanks for the help in advance!

Comments

Bobby1290’s picture

Post the code between <code> html tags.

Mackee’s picture

there it is... sorry i didn't notice. Thanks!

jaypan’s picture

is not a virus. The other code - - could potentially be activating something, but there is no way to know without seeing the javascript that jsCall() calls.

Contact me to contract me for D7 -> D10/11 migrations.

jaypan’s picture

Edit: Double post.

Contact me to contract me for D7 -> D10/11 migrations.

Mackee’s picture

Oh, should I worry about this? It's in all of his textareas where fckeditor is enabled. For example, his guestbook intro has this also. I'm just manually removing it. He's been a member of the site since a few days ago. I'll check all his posts later to see if it still occurs.

This is the detailed code on his guestbook intro

<input type="hidden" id="gwProxy" /><!--Session data--><input type="hidden" id="jsProxy" />
<div id="refHTML">&nbsp;</div>

I googled the code and I found some websites with those codes. This one for example http://health.myblankhurts.com/2009/04/22/show-us-your-city-spirit-rally/ the codes are right exactly at the post. Thanks for the quick reply Hakulicious!

montano’s picture

I've been searching for a solution or information and it is happening in CMS. It only happens for me when I use a wysiwyg editor. I've scanned my computer with McAfee and Webroot Spy Sweeper and no joy.

Mackee’s picture

Yes, same here... But for me, it happens to only one user I have. Do you think it is his (the user's) computer that has the virus or error? (If it's really a virus or an error, I don't know what to call that.)

letsnurture’s picture

Hi folk,

I'm facing the same problem. I've loaded the fck-editor module for Drupal 6.10. Every time I need to remove that text <input type="hidden" id="gwProxy"> manually for each node. It's a ridiculous job. I don't think that it's a virus.

Does anybody have a solution to remove this text from the fck-editor automatically?

Thanks in advance,
Web-Farmer
www.letsnurture.com
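
An added example, not part of any post in this thread or of the FCKeditor module: a Python filter that removes the three injected elements quoted above from stored post bodies and leaves all other markup as written. Treating the `Session data` comment as injected is an assumption, and the contents of the `refHTML` div are dropped along with it.

```python
from html.parser import HTMLParser

# (tag, id) pairs reported in this thread as injected into editor content.
INJECTED = {("input", "gwProxy"), ("input", "jsProxy"), ("div", "refHTML")}
# Comment seen between the injected inputs; treating it as injected is an assumption.
INJECTED_COMMENTS = {"Session data"}


class InjectedMarkupStripper(HTMLParser):
    """Re-emit a post body unchanged except for the injected elements."""
    def __init__(self):
        super().__init__(convert_charrefs=False)  # keep &nbsp; etc. as written
        self.out, self.removed = [], []  # cleaned pieces, ids that were dropped
        self.skip_depth = 0  # > 0 while inside a dropped refHTML div

    def _emit(self, text):
        if not self.skip_depth:
            self.out.append(text)
    handle_data = _emit

    def handle_starttag(self, tag, attrs):
        opens_div = tag == "div" and not self.get_starttag_text().endswith("/>")
        if self.skip_depth:  # nested markup inside the dropped div
            self.skip_depth += opens_div
        elif (tag, dict(attrs).get("id")) in INJECTED:
            self.removed.append(dict(attrs)["id"])
            self.skip_depth = int(opens_div)  # drop the div's contents too
        else:
            self.out.append(self.get_starttag_text())
    handle_startendtag = handle_starttag  # no synthetic end tag for <input ... />

    def handle_endtag(self, tag):
        self._emit(f"</{tag}>")  # suppressed while skipping
        self.skip_depth -= self.skip_depth > 0 and tag == "div"

    def handle_entityref(self, name):
        self._emit(f"&{name};")
    def handle_charref(self, name):
        self._emit(f"&#{name};")

    def handle_comment(self, data):
        if data.strip() not in INJECTED_COMMENTS:
            self._emit(f"<!--{data}-->")


def strip_injected(html):
    """Return (cleaned_html, ids_of_removed_elements)."""
    parser = InjectedMarkupStripper()
    parser.feed(html)
    parser.close()
    return "".join(parser.out), parser.removed
```

A non-empty second return value also serves as a report of which stored bodies carried the markup.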

ISchier770’s picture

BS"D

Out of the browsers I use (I don't use IE) I get this problem only on Firefox and it is a recent one. No problem with Opera, Safari or Google Chrome. There must be either a feature or malware in FF; a new install of FF does not help and neither did my antivirus or antimalware/spyware program.

ISchier770’s picture

BS"D

I finally solved the problem in Firefox which in my case was the only browser that was inserting the malicious code.

What I had to do was to use Revo Uninstall http://www.revouninstaller.com and thoroughly remove Firefox including all registry entries before downloading Firefox again and reinstalling it. This should solve the problem for all browsers except IE which cannot be uninstalled with Revo.

As an aside, I had serious problems even opening IE and what I did was to use Revo to get rid of Silverlight. This solved the problem; the 2 browser problems may have been related or it may have just been coincidence.

sgdev’s picture

I have added a post about this on the FCKEditor module issues log: http://drupal.org/node/457960

We are seeing this same problem for one person on our site. Running virus scan and spyware detector software did not seem to help the situation. If we don't see a fix for the issue in the near future, the next logical step will be to reinstall Firefox -- or hope that Firefox 3.0.11 is released soon and fixes it.

Njohn’s picture

If you want to stop this, go into Firefox add-ons and remove The Browser Highlighter. Check your other add-ons also. You can also run Firefox in Safe Mode just to test.

philalonso’s picture

I disabled Browser Highlighter and the insidious code that spontaneously appeared in only one machine's instance of Firefox, disappeared. Thanks for the advice, Njohn.

CreativeOil’s picture

Thank you, NJohn! You are right and have resolved the issue for the new CMS that was just installed on my servers! Worked like a charm! You ROCK!!

romel.adodis’s picture

This one is not a virus.. one of the coding... without javascript() you never seen.. if you want to remove, go to Mozilla browser --> click add-ons --> remove the highlighter :) problem solved..
just try it...