Support » Fixing WordPress » advanced xp defender

  • My weblog seems to have been infected with some sort of Trojan, and I’d be most grateful for advice urgently.

    The thing pops up when I hit the admin and view site links, and I guess it’s probably infective readers’ computers as I write.

    What happens is that a message appears that reads:

    Attention! You have not completed the virus scan!
    Your PC is still infected with spyware!

    Please return to and downloat Advanced XP Defender scanner.

    When I click that off using the top-right-hand cross it seems to have another go.

    Now, I know this is not happening on my main computer only, as I’ve tested it on my second computer. I also know that my spyware detector is picking it up as a Trojan, that appears to come from my weblog.

    Has it been hacked, and if so what should I do please?



Viewing 15 replies - 1 through 15 (of 30 total)
  • I’ve changed my password, replaced the theme, and scanned my computer.

    I really don’t know what else to do – would reinstalling WordPress help, do you think?


    If it happens on websites other than your own, then your computer may be the one infected. If it is only your website, then the bad stuff may be hiding inside your WordPress files (theme and/or core), in your WordPress folders, in your database, or hiding somewhere else on your website.

    Hi there, I think you may want to take a look at this.

    Basically its a scam !!
    Hope it helps. Mike.

    Thanks everyone.

    It was in the weblog and I fixed the immediate problem by reinstalling Wp 2.51, and changed my password for something more difficult.

    My question remains: how did it get in there? Did I install an infected plugin? Did I get hacked? If it happens to anyone else, at least we’ll know what to do.


    I myself would like to know how people with 2.5.1 are getting hacked.

    I don’t personally think that advanced xp defender is about hacking.
    Simply because its a known spyware and not a virus.
    Spyware has to be in something we download and can’t be injected into our systems by hacking.
    I’m glad that Gav appears to have resolved the problem.
    Night all. Mike.

    I’ve got this same problem. I’ve re-installed wordpress and scanned my PC with Spyware Doctor yet the problem continues. Could anyone help me please?

    I did everything last night and it appeared to have worked. Yet today when I clicked around it popped back up again. I have no clue what to do now.

    I mean its only on my site I get this pop up.

    you could try an excellent anti spyware program like
    super anti spyware which is free and very powerful.
    its available at the above link.
    usually finds everything.
    if its appearing on only your website. try clearing cookies and your cache. If I hear any more about this one I will post back.

    The following info is important in getting rid of this spyware.

    hope we can get rid of it once and for all.

    It helped but when I went on my site today it is back again! I just don’t know anymore.

    Here is the site:

    Hi again, well it sounds as though its lurking somewhere.
    i would use the removal tools again, and also make sure you scan all drives, not just c:/
    Also out of interest what browser ae you using?
    If you have a different browser on your computer see if it appears with that also. There are known loopholes in currnt browsers that can let this kind of virulant spyware through.
    I’m sorry that it is still appearing, but really, can only advise to keep cleaning and perhaps try a better spware software. will clear out most things
    Super anti spyware is free and will clear out most things.
    I did this yesterday and found 159, so it really is important
    to regularly scan for these things.
    Keep us posted on what happens.I’m still researching this particular
    type and will post if I find a better fix.

    This just happened to me, and to the guys posting all the removal tools – its not a case of it being on our pc systems. It is somehow in the wordpress installation and popping up only to visitors on the site.

    My guess is we’ve downloaded a plugin that has this little beastie inside it somehow and we’ve installed it on our blogs. Whether this was deliberate or not I don’t know.

    Something even more strange is my blog is also a wrestling blog, but I’ll put that down to coincidence.

    All I can say is list all the plugins, themes and mods you have installed and see if any crossover. Firstly I’m gonna go through everything and see if I can find it.

    I must say this is extremely worrying, I’ve only been using wordpress for 3 weeks after being told it was the easiest and most secure – obviously not.

    Holly crap – upon making backup it has somehow locked all the files from being edited – I’m actually scared now. My site is my main income.

Viewing 15 replies - 1 through 15 (of 30 total)
  • The topic ‘advanced xp defender’ is closed to new replies.