Support » Fixing WordPress » Virus warnings on my wordpress blog

  • Resolved sustainorder


    Suddenly my blog’s visitors started reporting virus warnings, and today I got one as well.
    I have no idea what might be causing this. I clicked on the link the message gave and it said that the site was infected with suspicious malware, and was flagged.
    I have no idea where this came from.

    Could a piece of javascript (+add this) be causing an alarm? I’ve included it in the main index template around the time the virus was being reported, but I doubt this would be the cause. Other than that, I don’t suspect any plugins.
    Could it be wordpress, the newest version?

Viewing 15 replies - 1 through 15 (of 16 total)
  • Not WordPress itself I don’t think as all of us who have recently upgraded would have this problem. I upgraded recently and have not experienced such problems.

    Must be either a plugin, scripting code, or someone plain hacked your WordPress.

    What exactly was the message?

    Does disabling all your added scripts and plugins get rid of this problem? Do you have any added posts or pages you’re not aware of? Any links added that you don’t know of?

    How about a link to your site. It doesn’t have to be “clickable” of course… Perhaps some brave soul with nothing left to loose but time, will brave the solitary trek of reckless abandon across the post-apocalyptic wasteland of your site, and take a look.

    (Sorry. I’m watching “Mad Max” …Again!)


    Lol u guys.. ha ha!
    Well ok, let’s go for it: (i do the actual tech support on the magazine), and write articles for the Green Corner.

    I started by going to the host to let them do checks. I’ll start combing the site later, and if you want you can help me. Thnx!

    one hit on a suspicious “obfuscated” inline script;. Not necessarily a problem, but suspicious.

    var ecov = "pa-v";
    document.write(unescape("%3Cscript src='' type='tex...

    ring any bells? If that is your recent script, perhaps it might be triggering something in some anti-virus products. May not have anything to do with it all at all.

    ‘Kay. quick update to that. I got AVG to hit in IE8. Here is the warning:

    file name

    Video streaming microsoft ActiveX Exploit. (type704) Ya’ll got something goin’ on! Time to do some research.

    Good luck to you!

    Me and Mad Max are going to go hose down my IE cache now. ..yikes…

    YES! this is it:
    This is the link I received in the alert.
    What is it???

    The previous one is a badge javascript code that has been there forever.

    I found that script in your sidebar “Meta” widget. The script is for downloading or emailing a page of your site in .pdf format. Considering the Adobe Reader references in the above link, I would think that might be a good place to start looking.

    That widget has been there forever too without problems.
    I didn’t add anything new to the sidebar since the problem started.

    Where and how did you get the alert?

    What is also weird is that the alert sometimes happens when I am in the admin panel on the blog, not on the home page.
    And it doesn’t always happen, and not to everybody, so maybe this is a browser/firewall issue.

    The “Adobe Acrobat getIcon() Stack Overflow Vulnerability”, really made me suspicious of the integrity of the source for the .pdf print script. It’s on someone elses’ server, so who knows what could happen. I don’t think the firewall has anything to do with it. Post back if you get to the source of the problem.

    Best of Luck.

    Different people run different antivirus software and so depending, they might or might not run into the issue or if they do, they might not even realize it?

    Clayton, I have no idea what that stuff means, from the link you gave me.
    Like I said before, the eco-safe badge has been there for half a year and caused no problems.
    The host ran a scan and found no virus infection, and nothing that would trigger any alerts of any sort.
    Would reinstalling everything help?

    Sounds a bit like overkill, and probably very premature. The actual code on your site may be completely benign. But, it could be caused be someone you link to that has the actual source of infection/hack (such as a remote javascript, iframe, media files, etc…) perhaps seeking experienced third party assistance for reviewing your files and database would be the most productive and prudent at this time. Check with your IT guys and see who they have in the their contacts list. I’m afraid beyond that, I’m out of rational ideas.

    I just got the alert AGAIN.
    The link goes to:
    and from that to:

    Maybe we’ve brought a foreign code by pasting a video source code from another site. It could be a number of things.
    So reinstalling everything wouldn’t make a difference in that case, you’re right.
    I don’t like such situations like this one. I feel completely helpless.

    Just wanted to update, sadly I still haven’t been able to get rid of the annoying alert after reloading everything.
    Now it won’t let me do anything within wordpress, and keeps alerting me with every single click. Not on the WP blog surface- there the alerts have disappeared but they continue on the Dashboard.

    It doesn’t seem to be a regular google alert.

Viewing 15 replies - 1 through 15 (of 16 total)
  • The topic ‘Virus warnings on my wordpress blog’ is closed to new replies.