1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

(NEED HELP) I Got VIRUS in my Blog

Discussion in 'Blogging' started by dewaz, Jan 31, 2012.

  1. dewaz

    dewaz Regular Member

    Joined:
    Nov 27, 2011
    Messages:
    399
    Likes Received:
    47
    Home Page:
    Today I when I open with FF it shows:
    [​IMG]

    But shows nothing when I use chrome. I check using another PC and virrus warning appear.

    What should I do now?

    Hundreds post inside, if I have to re-install WP, all will be gone. What's cause this? Theme or plugins? Or somebody else attacking my site?

    Please advise... thank you.
     
  2. flexnds

    flexnds Power Member

    Joined:
    Jan 4, 2010
    Messages:
    643
    Likes Received:
    680
    Occupation:
    Internet Marketing, Web development, Internet Repu
    Location:
    AZ
    You need to go through all of your files. One thing that happened to me was I found a nice free theme, I checked the theme for any malicious code and all checked out. However, the author of the theme must have been associated with some malware because I got the same warning page and it mentioned the url that was sitting in the css theme URI info. This was a free theme in the wordpress.org directory as well.

    so what I would do check all the theme files for starters, every file it came with.

    Install "WebsiteDefender WordPress Security" plugin and do a scan. There are also some other scanners out there. After a scan try to fix all errors shown.

    Check if you are using the old timthumb file. You can even use a plugin for that too "TimThumb Vulnerability Scanner". It will auto update your old one.

    Give those a try and see what happens, though keep in mind that sometimes once you get those page warning your site could already be put in AV databases as a malware site. This is why it's important to check your sites often.
     
    • Thanks Thanks x 3
  3. dewaz

    dewaz Regular Member

    Joined:
    Nov 27, 2011
    Messages:
    399
    Likes Received:
    47
    Home Page:
    do that now. thanks.

    any others?
     
  4. flexnds

    flexnds Power Member

    Joined:
    Jan 4, 2010
    Messages:
    643
    Likes Received:
    680
    Occupation:
    Internet Marketing, Web development, Internet Repu
    Location:
    AZ
    This is also why it's important to keep updated backups of your site, especially something with a lot of posts or really anything you put a lot of time and effort into. With an updated backup you can just nuke what's there and be back up and running in under 5 mins.
     
  5. mazar

    mazar Regular Member

    Joined:
    May 24, 2010
    Messages:
    310
    Likes Received:
    120
    i picked one up a few weeks back , i re installed the theme instead of checking the files for the virus . it worked first time .i also installed a plug in called TAC which reports any malicious code . my problem was the prettypics part of client machine and the latest update of wordpress as far as i could tell .
     
  6. Mike Hunt

    Mike Hunt Junior Member

    Joined:
    Mar 28, 2009
    Messages:
    185
    Likes Received:
    133
    Location:
    ChiTown
    @flexnds thanks for the wink, I was like wtf, did that just happen for a second then it did again LOL!

    @dewaz listen to what flexnds says because it's best to be competent about these things yourself. An easy fix is contact your hosting company and send them screenshot of whats going on with your site and they will handle it. Sometimes the ip on in your hosting gets hacked so all sites get hacked. Happened to me twice last year and I was using default wordpress theme 2nd time and they handled it. No probs since w/ site since then.

    Also I don't use free themes found on Google anymore but search and upload from wordpress itself as they tend to be safer imo and don't contain any funky links about them. BTW atahualpa theme is free, found on wordpress, good for seo and crazy customizable. I have nearly recreated some expensive themes with it but specified more to my likings.
     
    • Thanks Thanks x 1
  7. dewaz

    dewaz Regular Member

    Joined:
    Nov 27, 2011
    Messages:
    399
    Likes Received:
    47
    Home Page:
    ok it's done now.

    1. i install WebsiteDefender WordPress Security and wordpress deffender that later i knew that they are same. so i kept the first one. this tools give me clue that i have some hole but didn't show me where's the virus.

    2. instal TAC and detect all my theme. result everything fine, later I know it didn't

    3. scan with http://sitecheck.sucuri.net/scanner/
    show real condition of my site. detected virus but to clean it, i have to pay 89 or something. i wont.

    4. upgrade wp from 3.3 to 3.4 (backup db first)

    5. change theme to some kind but still detected virus through sitecheck.sucuri.net/scanner/. Desperately i choose twenty eleven and got clean result.

    now i have to keep this ugly theme and deleting the others.