According to the AVG website your domain is listed as clean.
http://www.avgthreatlabs.com/website-safety-reports/domain/bloggingwv.com
Also the Sucuri site scanner list your site as clean, http://sitecheck.sucuri.net/results/bloggingwv.com
Could be a false alarm but maybe you should file a support ticket with AVG to make sure.
Although your site now shows up as clean. Have you had any malware problems on your site within the last few days or weeks?
And as for the permalinks on your site, are you using the default settings? If so, try this….go in and change the permalinks from ‘default’ to ‘post’ and try to view your site again.
Had the same problem with a site that had and after toggling the permalinks to post the exploit warning from AVG went away.
Thread Starter
tek428
(@tek428)
My permalinks are set to post name. They have been that way for years. I haven’t installed any new plugins or anything over the past few weeks, nor have I been aware of any malware problems. I will have to check with AVG.
Thanks,
Bucky
Exact same problem here. And what the hell is niftyCorners.css That is the file which is also showing as a threat and it says that it is located in the root folder (not).
Thread Starter
tek428
(@tek428)
We use AVG where I work also, but I am able to access my site from there. Just not my home computer.
Are you certain about being hacked? The site checker websites all show my site as being fine.
Same thing here – AVG won’t load my site (www.nerdrepository.com), keeps telling me that it’s detecting Blackhat SEO Type 1720.
Sucuri Site Scan shows that I’m clean. Thoughts?
Thread Starter
tek428
(@tek428)
I clean installed all of the wordpress core files, to no avail. Malware was still there.
Then I switched my theme. It worked. The malware is somewhere in the theme files.
I was using MANDIGO theme.
Thread Starter
tek428
(@tek428)
I found it with help from someone at AVG!
He told me the injection was right after the BODY tag.
I found it in my header file.
It was a javascript injection that looked like this
if(document.getElementById('hideMe') != null){document.getElementById('hideMe').style.visibility = 'hidden';document.getElementById('hideMe').style.display = 'none';}
Thread Starter
tek428
(@tek428)
I and our customers are getting a virus code
“Exploit Blackhat SEO (type 1720)” when we log onto our website http://www.soundequinevet.com I need to know how to fix this, we have an on-line pharmacy our clients need to have access too from our website.
@drea bowen – see the resources posted above – start going through them – there is no fast/easy fix.
I had this on one of my sites today. AVG desktop antivirus alerted. I had my host check, they found no injected code. So they say it’s a false positive.
I have sent a support request to AVG, I suggest you do the same.
I had the same problem on two urls.
I removed the old themes and downloaded new ones.
To be extra safe I also changed my admin passwords.
It turns out in my case it was NOT a false positive.
It was a plugin that injected a code on my fronpage. The plugin was WordPress Newsletter Plugin from Fastemailsender.
I have removed it and wouldn’t touch it again if they paid me.
Steve
