Your site is compromised with malware (one of the .js files). Details here:
http://sitecheck.sucuri.net/scanner/?scan=girlgonegeekblog.com
It seems to be related to the timthumb.php infections we are seeing lately. So it might be something you want to check in your theme (or plugins).
thanks,
I’d love it if someone identified which plugin was introducing this malware to our sites… this is FRUSTRATING
It’s unlikely to be a plugin doing this. A hacker can enter at any point on a server.
I’m beyond stressed!
Basically I found the timthumb.php and deleted the bad code from that and deleted the theme. I forgot that I never deleted the first theme downloaded but wasn’t using (so so stupid).
The bad java was: l10n.js
Then secrui said my site was clean. BUT even after that I couldn’t even access my wordpress dashboard because I kept getting malware warnings.
The site popping up in the malware warning went from portalse.com to custom-wordpress.com. (before screenshot: http://www.girlgonegeekblog.com/wp-content/uploads/2011/08/Screen-shot-2011-08-21-at-6.53.03-PM.png)
Then I found out there was still some malware in config.php and I removed that, but still no good.
I also saw on a few posts that the bad code may be in a few places. I fear I have to reupload my blog. I’m not that good with wordpress and code, I only started this on wordpress.org about a month ago.
I have my original wordpress.com xml from about a month ago. I also have several exported versions of my wordpress.org site. Will the wordpress.org stuff I downloaded from the dashboard > tools > export > export all, include any of the bad malware from the plugins and theme?
Any suggestions for some really good and either free for reasonably priced anti virus plugins/software for wordpress?
I don’t know if my site is clean or still has malware floating around somewhere. Any suggestions on how to fully scan every inch of the site to check for it. I’d be willing to pay for a anti virus/security software/plugin that isn’t too expensive (indie blog) to get the job done right and keep malware off my blog. I’ve lost tons of hits these past few days.
Mike
(@wordpresskeepercom)
I wrote a script that removes malicious code from javascript files so you don’t have to do it by hand – you can remove other unwanted files like upd.php manually – perhaps you find my post useful: http://wordpresskeeper.com/knowledgebase/remove-mwjs2368-malware-from-your-wordpress/
If it helps, Google is very lenient with malware compared to the others. It is pretty slow to come around as well.
For instance Sucuri might find malware right away, because the scanner is on demand, while Google only scans sporadically.
Bing is reasonably harsher, as they might block you for extended periods of time, and they might block you even though no-one else is. Not sure why but it might have something to do with the different level of threats.
The point is, all the malware scanners, whether it’s a search engine, or on demand scanner,, have a tendency to find different problems.
So you should pay attention to them all, most likely, especially if your clients or visitors are using another search engine like Bing.
Hope that helps.
