1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[HELP] WordPress Blog Infected with Malware

Discussion in 'Blogging' started by Fischlein11, Apr 4, 2012.

  1. Fischlein11

    Fischlein11 Junior Member

    Joined:
    Feb 22, 2010
    Messages:
    121
    Likes Received:
    16
  2. johnwho

    johnwho Regular Member

    Joined:
    Sep 19, 2009
    Messages:
    255
    Likes Received:
    36
    Occupation:
    freelancer
    Location:
    Republika ng Pilipinas
    Do you have a back-up on your WP theme? If so upload those files and replace the infected ones. It probably just an infected WP theme.
     
  3. lizmoz

    lizmoz Power Member

    Joined:
    Oct 10, 2008
    Messages:
    560
    Likes Received:
    328
    ...sorry to say but most likely your computer is also infected... if you were using plain ftp they have your username and pw to your host -> boom.

    scan your machine with everything you got.
     
  4. Fischlein11

    Fischlein11 Junior Member

    Joined:
    Feb 22, 2010
    Messages:
    121
    Likes Received:
    16
    No No No, my PC is Clean.

    Also they dont have the Hosting Data for sure.... i change them every week.

    I got no Backup of this Site :(
     
  5. nimmivh

    nimmivh Regular Member

    Joined:
    Jul 21, 2011
    Messages:
    313
    Likes Received:
    61
    Occupation:
    Merchant and Affiliate
    Location:
    Apple Store
    Check the recently changed files in your site, then you figure out what exactly happened
     
  6. lelando

    lelando Junior Member

    Joined:
    May 13, 2011
    Messages:
    151
    Likes Received:
    61
    this is most likely a script embedded between the <head></head> tags in you're wp header.html or header.php file check those and check to make sure you're .htaccess file is clean. Contact me if you still struggle
     
  7. blue_wings

    blue_wings Newbie

    Joined:
    Feb 2, 2011
    Messages:
    47
    Likes Received:
    71
    Location:
    Romania
    Use a fiverr gig
    Code:
    http://fiverr.com/adrianam2012/secure-your-wordpress-blog-or-site-agains-hacking-attempts
     
  8. nerdmoney

    nerdmoney Junior Member

    Joined:
    Feb 24, 2008
    Messages:
    135
    Likes Received:
    37
    Occupation:
    web nerd
    First, change to the default theme, if the popup goes away, you know its the theme. if not, check your .htaccess file at the public_html directory

    check your themes header, footer, index files
    If it is on every page its probably one of those

    wp-content/themes/MYTHEME/header.php, etc.

    clean up the bad code

    install timthimb vulnerability scanner (9 out of 10 of my clients fix the issue with this)

    http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/

    and run it

    here is also a page to "harden" your wordpress, although doing the above will usually be good enough

    http://codex.wordpress.org/Hardening_WordPress