Support » Fixing WordPress » WordPress allowing spyware to be installed?

  • I have a relatively new machine on which I’ve been working extensively with WordPress. A couple of days ago I ran Spybot for the heck of it. I had four spyware programs and I cleaned them all. I did it again this morning and the same four were back. Ad-a-ware, Double-click, Mediaplex, and one other. I’ve cleaned, re-run Spybot, then re-run programs throughout the day and have narrowed it down to the only programs I ran subsqeuent to cleaning:

    WordPress Codex in Firefox.
    WordPress Support in Firefox.
    WordPress Dashboard in Firefox.

    Please advise. Why are any sites related to WordPress installing spyware?

Viewing 8 replies - 1 through 8 (of 8 total)
  • No sites related to WordPress are installing any spyware. My guess is one of the following:

    A) You run something like AOL instant messager, which allows spyware in because its built in browser is IE and it allows spyware through.

    B) You’re on an unupgraded windows box not behind a firewall or router. The average time for a computer to be compromised is about 12 minutes.

    C) You got spyware in the past and your spyware removal programs are not doing their job entirely correctly.

    I just ran Spybot S&D. I don’t run it real often, because I never really have any problems since I pay a great deal of attention to WHERE I go online…. last time I ran it was a couple of days back after I installed something new (my usual mode/op), and I had nothing there to “fix” – not one thing.

    I spend a lot of time with wp and here at support. I hit the codex when I need something specific – at least once a week, sometimes more often.

    After just now running Spybot (latest updated version, btw), I have no spyware, no adware, no malware. So I don’t think it’s wordpress…. you probably need to look somewhere else. Whatever is doing this may have been on your machine before you ever installed wp.

    I also just ran Adaware from Lavasoft: nothing there either.

    IE (and anything that relies on IE for it’s HTML rendering engine) is sadly extremely vulnerable to various nastiness.

    Masquarade is right on all accounts. Nothing WP related is installing spyware. The other 3 scenarios pointed are all highly likely sources of infection.

    Now that you’ve heard this on two threads, I hope you realize the problem is only in your machine, so we can get back to WP business.

    Moderator James Huff


    Any banner ad and any popup ad that you run across while using Internet Explorer may install spyware. WordPress, and the sites on do not install spyware.

    note that some programs show >cookies< as spyware, which they aren’t. it’s a fallacy that’s continuing to undermine legitimate sites’ ability to track and aid your use of their content.


    Les Bessant


    keeper of the Tiggers

    Most of the more insidious spyware is very good at *reinstalling* itself. The detection tools are often a step or two behind the malware writers. AdAware, Spybot and the like will happily detect and remove the visible signs of infection, but they can miss the little hooks in the registry that reinstall the malware on the next restart (or sooner in some cases).

    Microsoft’s AntiSpyware Beta (bought in from Giant) sometimes does a better job. And sometimes nothing works other than wiping the machine.

    @davidchait – most scanners show tracking cookies from known advertising sites as potential problems rather than cookies in general. Users can then make their own decisions about whether to delete them or not. So doubleclick’s cookies will be flagged up, but amazon’s won’t be, for example.

    (I spend *far* too much time cleaning up infected PCs….)

    Mark (podz)


    Support Maven

    As has been said, WP has nothing bad in it.
    But for those needing help – in case you land here – go to these forums and be VERY patient. I have known a response take 3-4 days – but your choice is a full reinstall. Take your pick.

    Microsoft’s tool has also been questioned as it now lets ad-ware through unless you know exactly what it is (and most people will not)

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘WordPress allowing spyware to be installed?’ is closed to new replies.