Anyone been stung by this WP virus?

Now for the second time I've been stung by a very annoying Wordpress Virus which posts 'automatically related posts' at the end of each posting. Last time I had to pay someone to get rid of it but I'd rather know how to do it myself and also how to keep it out! This is incredibly annoying particularly on blogs using WP robot as it can infect scores of articles.. Would really appreciate some feedback on this and what the heck to do about it.

A virus wouldn't do that, a virus self propagates.
And it is very important to distinguish between a virus and a script.
Being a wordpress installation which is database driven you can pretty much
be sure you have a bad script somewhere in your php.
Are you using any shared premium templates or plugings?
They are your usual entry points.
You should check the code in your footer and plugins for any abnormalities.

I agree with oxonbeef, this is not a virus and I've seen this before. It's probably a plugin you downloaded and installed. I made a brief post about this before but in a nutshell someone will share premium or paid plugins for free. The code is altered in a way that makes automatic posts like you described.

If I were you I'd uninstall anything you downloaded recently. Who knows what else this may be doing to your system.

With that said, WPRobot was one of the plugins being shared that made automatic posts as you described. If you didn't pay for it then I would uninstall it immediately. Also note that it's on the do not share list.

Keep us updated, I'm curious to know the outcome.

I have a virus scan for my wp blog and it says there is something wrong with my blog, although I can't find any scripts, code, files etc that would suggest it. I've done a re-install of wp, so I think it may be something to do with one of my templates (although I already rigorously checked them over with VirusTotal, McAfee et al).

Anyway sorry for rambling on... Have you signed up to one of those sites that you give your details to and they post articles for you? I done that several years ago...

have you installed WPRP plugin? or any plugin of that sort? There are many of them that automatically post related items after each post so that is probably the problem.

Download all your infected blog file to your computer using FTP client (especialy php, html and js files).
After that use a tool like Notpad++ to search in all files for "eval" and "base64_decode" and all php functions used in encoding/decoding.
Look closer beside the functions and you will probably see the infected script part code.
Remove the bad code and then search and fix the source of how you get infected (infected template, plugin, bug in the script or in a plugin, bug in the webhosting server, ...).
Good luck.

Try installing the "Theme Authenticator Checker" plugin. It'll check for any malicious code and static links that you would want to get rid of.

Here is the link :