Support » Fixing WordPress » Sucuri SiteCheck says infected with malware

Viewing 12 replies - 1 through 12 (of 12 total)
  • It looks a bit like you are guilty by association. Have you contacted Sucuri and asked for a re-evaluation?

    i can’t really understand you can you explain?
    poor english sorry

    I think that Sucuri made a mistake. Ask support@sucuri.net to recheck your site.

    but my antvir do pop up thought…(when i open my wordpress)
    using..nod32

    Then contact your anti-virus software manufacturer.

    You can replace that file with a clean file from here (http://wordpress.org/download/). If you still get an error, your anti-virus software is wrong.

    sites rarely get blacklisted unless the owner/host ignores repeated warnings…avoid this link..mod should remove it

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Halfelf Rogue & Plugin Review Team Rep

    Sucuri just reports on what the other sites say, and what they find in a scan at that moment, so it’s hard for it to be a ‘mistake’ on their part.

    I generally find that when someone is yelling that they’re clean and all the other sources say they’re not, its their server/host who is at fault. Or they just don’t know what they’re doing. Check your web server as a whole, it could be that’s infected, which would taint your results too.

    The site is offline right now, but when I could see it, it looked fine. Sucuri is triggering on jQuery. If you look at that jQuery file (view-source:http://gtacg.co.cc/wp-includes/js/jquery/jquery.js?ver=1.7.2) the only thing different about it from the stock jQuery 1.7.2 (http://code.jquery.com/jquery-1.7.2.min.js) is jQuery.noConflict(); at the end of u88257’s file. That might be enough to throw a badly designed filter, but I see that same jQuery.noConflict(); on our sites and we don’t have an issue. Otherwise, is there some horrible flaw in jQuery 1.7.2?

    Two things come to mind. That domain looks like the random-character domains used by spammers, and in fact there are some similar domains listed in some spam databases. That might be enough to trigger some heuristic filters. And secondly, what Ipstenu said. You could be tainted by other sites on your server.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Halfelf Rogue & Plugin Review Team Rep

    jQuery.noConflict(); won’t cause a problem 🙂

    ok it’s fine now
    i just change a domain and re install wordpress

    Hi

    Tony here with Sucuri. Please if you ever feel we’re reporting something incorrectly send us a note at info@sucuri.net.

    I’d be lying if I said we don’t make mistakes.

    Take Care

    Tony

    Glad to see its better now. I do see that we’re blacklisting you in our own engine and I’ll pass it up to the engineers to take a look.

    Check the size of your jquery.js and also open the jquery link in your browser. The size should be less than 100kb and it should show jquery and it’s version in the file content.

    I had this problem, where a plugin changes the jquery.js in the background with a malware version. Took me a while to track down This plugin replaces jquery.js with a malware

Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘Sucuri SiteCheck says infected with malware’ is closed to new replies.