WordPress.org

Ready to get started?Download WordPress

Forums

Strange issues as of this morning (12 posts)

  1. mk2mark
    Member
    Posted 2 years ago #

    As of this morning, there are four problems with the site (applebrides.com) that weren't there yesterday.

    1. Two plugins are acting strange. There's an ad plugin in the sidebar (adrotate) which does load, but none of the ads come up. This is the "Featured Vendors" widget. No popup/ad disabling was active on the browser.

    2. The other plugin is a social media one that displays at the bottom of each post. Facebook share and tweet icons don't show up. Interestingly the tweet icon is restored if I turn off the adrotate plugin.

    3. The black bar along the top when I am logged in and viewing the site has disappeared. It remains on the backend.

    4. Not sure if this is new or not, but when I hover over an unclickable part of the site, I see applebrides.com/wp-admin/update-core.php in the status bar of the browser.

    I have restored the database to yesterday when all was still working, but that has made no difference. I have also reinstalled wordpress with no change. What else can I do, and what is going on? I am totally baffled.

  2. mk2mark
    Member
    Posted 2 years ago #

    I have turned off all plugins, no effect. Turning on either adrotate or the social media plugin alone does not fix anything either.

  3. Krishna
    Volunteer Moderator
    Posted 2 years ago #

    It is a case of possible infection. Please see this report.

  4. mk2mark
    Member
    Posted 2 years ago #

    Wow, how do I fix this? I run the dedicated server myself. I have clamav and a firewall on it. Presumably the first step is to run a scan - anything else?

  5. Krishna
    Volunteer Moderator
    Posted 2 years ago #

    As a test, can you just delete the Social Sharing Toolkit v2.0.8 and report back so that I check the results using another tool?

  6. mk2mark
    Member
    Posted 2 years ago #

    Done, really appreciate the help.

  7. Krishna
    Volunteer Moderator
    Posted 2 years ago #

    Unusually very large number of (repeated) links were being added by that plugin. They are not there now. But the infection status is the same.

    Try these, before you finally decide if this is a hack/ Malware.

    1. Deactivate all plugins
    2. Delete inactive plugins
    3. Revert to Twenty Eleven theme.

    If you can do these I will check it again.

  8. mk2mark
    Member
    Posted 2 years ago #

    Hi,

    I can deactivate all the plugins, but reverting the theme might not be feasible right now since this is the busy time of day. I can do it but I would need to minimise the time on the 2011 theme. If I could check what you are doing that might help?

  9. Krishna
    Volunteer Moderator
    Posted 2 years ago #

    See another report from AVG: http://www.avgthreatlabs.com/sitereports/domain/applebrides.com

    It confirms the threat!

    AVG identifies the virus as:

    Blackhole Exploit Kit is a threat that is spreading. It is currently ranked 1 in the world for online threats.

    .

  10. Krishna
    Volunteer Moderator
    Posted 2 years ago #

    I can do it but I would need to minimise the time on the 2011 theme.

    No need to change the theme. It is confirmed as above. It is a kind of malware/ hack for which you have to take all the steps required to cleanup your site.

  11. mk2mark
    Member
    Posted 2 years ago #

    Hey thanks a lot for this, I'm working my way through getting rid of this virus. Much appreciated.

  12. Krishna
    Volunteer Moderator
    Posted 2 years ago #

    You are welcome!

Topic Closed

This topic has been closed to new replies.

About this Topic