A new malware has been creating huge problems for many WP bloggers over the past week. Avast anti-virus is detecting a Trojan when I and others attempt to create a new post or page, or even to edit a post or page. Avast identifies the culprit as JS:Illredir-B [Trj]. Does anyone know how to get rid of this -- it seems to be imbedded within the WP code. I cannot post anything now.
The malware has also created problems in other areas of WordPress, including a number of plug-ins that utilize java script, as well as the entire wp-includes/js folder. These latter problems in some cases corrupt the blog, with error messages coming up, rather than the blog itself. I've managed, with the help of Hostgator and my server admin, to resolve these problems via cPanel, deleting everything that Avast identifies. My blog is once again visible, but I cannot post to it.
The culprit behind these problems appears to be a malware siszyd32.exe, which is secretly downloaded onto computers that visit infected blogs. Once in one's computer, it then seeks out one's blogs and inserts bad things there.