topr8 - 2:37 pm on May 19, 2013 (gmt 0)
>>I think they were inserted by a moderator because the original post would otherwise have circled the earth
actually yes, i make the line breaks before posting, as i realised it would have stretched on forever!
>>Are you sure?
well i did my best ... deleted all the files on the server from their filespace.
then manually checked every file (there were not that many, only around 50 and they were only plain html) i removed all the 'injected' lines of code.
i also suggested that they reinstall windows on their local machine, which they said they did, they live in a different town to me, i wasn't going to drive over and do it for them!
but i appreciate your point jim, this is not my area of expertise and it is entirely possible that i may have missed something. so far though the injection hasn't recurred.
thanks for everyone's input, much appreciated.
so i can see the code set a presumably malicious iframe, which would have tried to run some kind of script on the site visitors machines.... i guess this is the common purpose of these type of injection attacks.