Title: Malware Attack
Last modified: August 19, 2016

---

# Malware Attack

 *  [soulkid](https://wordpress.org/support/users/soulkid/)
 * (@soulkid)
 * [16 years, 7 months ago](https://wordpress.org/support/topic/malware-attack/)
 * I have been trying to combat an apparent Malware attack that google has flagged
   me on. I have two plugins, an antivirus for WP as well as an exploit searcher,
   and they find nothing.
 * I seriously have tried everything I know how to do and cannot solve the problem.
   Can anyone advise me?
 * I would say I am a medium, not advanced person, and am generally new to wordpress.
   This has already been a harrowing experience.

Viewing 9 replies - 1 through 9 (of 9 total)

 *  Thread Starter [soulkid](https://wordpress.org/support/users/soulkid/)
 * (@soulkid)
 * [16 years, 7 months ago](https://wordpress.org/support/topic/malware-attack/#post-1272315)
 * my site is [http://www.chambermusik.com](http://www.chambermusik.com)
 *  [lokrin2000](https://wordpress.org/support/users/lokrin2000/)
 * (@lokrin2000)
 * [16 years, 7 months ago](https://wordpress.org/support/topic/malware-attack/#post-1272351)
 * Here is the info Google puts up for your site:
 *     ```
       Safe Browsing
       Diagnostic page for www.chambermusik.com
   
       What is the current listing status for www.chambermusik.com?
   
           Site is listed as suspicious - visiting this web site may harm
       your computer.
   
           Part of this site was listed for suspicious activity 2 time(s)
       over the past 90 days.
   
       What happened when Google visited this site?
   
           Of the 85 pages we tested on the site over the past 90 days, 5
       page(s) resulted in malicious software being downloaded and installed
       without user consent. The last time Google visited this site was on
       2009-10-29, and the last time suspicious content was found on this
       site was on 2009-10-29.
   
           Malicious software includes 36 trojan(s), 27 scripting exploit(s),
       25 exploit(s). Successful infection resulted in an average of 1 new
       process(es) on the target machine.
   
           Malicious software is hosted on 6 domain(s), including
       keymydomains.com/, chberger.com/, specialgt.com/.
   
           2 domain(s) appear to be functioning as intermediaries for
       distributing malware to visitors of this site, including
       specialgt.com/, ncenterpanel.cn/.
   
           This site was hosted on 2 network(s) including AS6461 (MFNX),
       AS31820 (PUGMARKS).
   
       Has this site acted as an intermediary resulting in further
       distribution of malware?
   
           Over the past 90 days, www.chambermusik.com did not appear to
       function as an intermediary for the infection of any sites.
   
       Has this site hosted malware?
   
           No, this site has not hosted malicious software over the past 90
       days.
   
       How did this happen?
   
           In some cases, third parties can add malicious code to legitimate
       sites, which would cause us to show the warning message.
   
       Next steps:
   
           * Return to the previous page.
           * If you are the owner of this web site, you can request a review
       of your site using Google Webmaster Tools. More information about the
       review process is available in Google's Webmaster Help Center.
   
       Updated 22 hours ago
   
       ©2008 Google - Google Home
       ```
   
 *  I suggest using the links here to contact Google directly and work things out.
   But first – go over your entire site and look for hacks.
 *  [lokrin2000](https://wordpress.org/support/users/lokrin2000/)
 * (@lokrin2000)
 * [16 years, 7 months ago](https://wordpress.org/support/topic/malware-attack/#post-1272353)
 * For some reason those two links did not embedd right:
 * [http://www.google.com/webmasters/tools/](http://www.google.com/webmasters/tools/)
   
   [http://www.google.com/support/webmasters/bin/answer.py?answer=45432](http://www.google.com/support/webmasters/bin/answer.py?answer=45432)
 *  Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/)
 * (@jdembowski)
 * Forum Moderator and Brute Squad
 * [16 years, 7 months ago](https://wordpress.org/support/topic/malware-attack/#post-1272382)
 * That link you’ve provided is not a WordPress blog. It eventually sends you /wordpress/
   which works.
 * From lokrin2000’s comment
 *     ```
       Of the 85 pages we tested on the site over the past 90 days, 5
       page(s) resulted in malicious software being downloaded and installed
       without user consent.
       ```
   
 * What did you do to the HTML output? The HTML I downloaded using curl is a complete
   unreadable mess. Makes it difficult to see why Google doesn’t like your site.
 *  Thread Starter [soulkid](https://wordpress.org/support/users/soulkid/)
 * (@soulkid)
 * [16 years, 7 months ago](https://wordpress.org/support/topic/malware-attack/#post-1272452)
 * which html? mine?
 * The code on my index page, for instance is so basic, and has no malware, yet 
   is flagged.
 * <head>
 * <HTML LANG=en-US>
    <HEAD> <TITLE>CHAMBERMUSIK</TITLE> <LINK REV=”made” href=”
   mailto:chambermusikceo@gmail.com”> <META NAME=”keywords” CONTENT=”sha stimuli,
   wu-tang clan, rza, gza, method man, ol’ dirty bastard, ghostface killah, killa
   bees, hip-hop, rap music, underground, new york, online store, cd, dvd, mp3,chambermusik,
   hiphop, hip hop, grimey, dark, G-Clef da Mad Komposa, Soulkid Records, Soul Kid
   Klik, Sunz of Man, Killah Priest, Warcloud, buddha monk”>
 * <META NAME=”description” CONTENT=”Independent Hip-Hop Site / Killa Bee Hive
    
   Featuring the Best in Independent Hip-Hop news – store – forums – radio station–
   free downloads and more!”>
 * <meta name=”google-site-verification” content=”7wkKobDgzcxK71uQkgWUDYV055OXWYm89WYP-
   GmnBOc” />
    <META NAME=”author” CONTENT=”G-Clef da Mad Komposa”> <META NAME=”
   ROBOTS” CONTENT=”ALL”>
 * </HEAD>
 * <style type=”text/css”>
    <!– body, td, th { color: #FFFFFF; } body { background-
   color: #000000; } img { border:0px; } –>
 * </style>
    </head><body> <p align=”center”>
 * <table align=”center” border=”0″ width=”700″>
    <tr> <td> <img src=”[http://chambermusik.com/images/movebackpromo.jpg&#8221](http://chambermusik.com/images/movebackpromo.jpg&#8221);
   alt=”Sha Stimuli coming to stores 11-27″></td> </tr> </table>
 * <p align=”center”> </p>
    <p align=”center”><b>[CONTINUE TO CHAMBERMUSIK.COM</
   b></p>
 * </body>
    </html>
 *  Thread Starter [soulkid](https://wordpress.org/support/users/soulkid/)
 * (@soulkid)
 * [16 years, 7 months ago](https://wordpress.org/support/topic/malware-attack/#post-1272453)
 * its odd.. if you go to [http://chambermusik.com/wordpress](http://chambermusik.com/wordpress)
   its unflagged but if you go to anything using www in it.. i get flagged.
 * [http://www.chambermusik.com/wordpress/](http://www.chambermusik.com/wordpress/)
   gets flagged.
 *  Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/)
 * (@jdembowski)
 * Forum Moderator and Brute Squad
 * [16 years, 7 months ago](https://wordpress.org/support/topic/malware-attack/#post-1272464)
 * I meant the HTML code in your /wordpress/ URL.
 * Your /wordpress URL gets 301 Moved Permanently redirected to the /wordpress/ 
   URL. That’s probably why Google doesn’t flag.
 * Give this a look
 * [http://www.unmaskparasites.com/malware-warning-guide/?url=www.chambermusik.com](http://www.unmaskparasites.com/malware-warning-guide/?url=www.chambermusik.com)
 * You may just need to request Google to re-review your site for malware.
 *  Thread Starter [soulkid](https://wordpress.org/support/users/soulkid/)
 * (@soulkid)
 * [16 years, 7 months ago](https://wordpress.org/support/topic/malware-attack/#post-1272487)
 * yeah well.. google is claiming the last time malware was found was 10-29, but
   I have submitted for review twice since then, and no changes so far.
 *  Thread Starter [soulkid](https://wordpress.org/support/users/soulkid/)
 * (@soulkid)
 * [16 years, 7 months ago](https://wordpress.org/support/topic/malware-attack/#post-1272507)
 * strange enough, after my last review I guess google saw fit to remove the warning.
   I really haven’t made many changes! Makes me wonder if people are sometimes reporting
   just to mess with sites.

Viewing 9 replies - 1 through 9 (of 9 total)

The topic ‘Malware Attack’ is closed to new replies.

## Tags

 * [attack](https://wordpress.org/support/topic-tag/attack/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 9 replies
 * 3 participants
 * Last reply from: [soulkid](https://wordpress.org/support/users/soulkid/)
 * Last activity: [16 years, 7 months ago](https://wordpress.org/support/topic/malware-attack/#post-1272507)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics