Support » Everything else WordPress » wp-stats[1].htm Downloader Virus – Upgrade to 2.3.2

  • Ok, I’ve not been able to find much on the Internet about this issue.

    I upgraded my site to 2.3.2 and when viewing the site I get an alert about a virus.

    The virus is the Downloader virus and is supposedly in wp-stats[1].htm

    Anyone else have an idea about this scenario?

    Also, I’ve scanned all my files and there were no viruses found.

Viewing 5 replies - 16 through 20 (of 20 total)
  • mbshafer



    In attempting to access Kaspersky IS 7 returns the following alert:

    The requested URL is infected with Trojan-Clicker.HTML.IFrame.bk virus



    AHHHHHHHHH !!!!!
    oooooooo I’m pulling my hair out because I’ve scanned all my theme files and I haven’t found “Traffic Statistics”.

    I searched in the comments as the suggestion was made and still I didn’t find “Traffic Statistics”.

    so as a temp measure I unapproved all my comments;
    and now I am stumped as to what else to do.

    my site and its mirror are both effected.

    I phoned my host; for what good that did.
    I asked for assistance in diagnosing and repairing the problem and
    was directed to “do it yourself“. that of course means new host.

    I went to to find out from a scan what files were suspect; and I went and looked at them. only to see from the scan report that it appears I am being rated badly because of the amount of links from pages and archive posts that are in my sidebar. what can I do about this since I want my archives and my pages to be available for browsers ?

    Any and All help would be appreciated as google is making my site
    look like a real danger zone; which I assure you it is not.

    Thanks In Advance for Your Assistance and Kindness,

    ~RE Ausetkmt
    BadGalsRadio Daily Blog

    My blogs have been hacked with a redirect to which Google identifies as a Malware host. Every PHP and HTML file was infected a short piece of encoded Javascript. It was added to end of the file in the form of

    <?php echo '<script type="text/javascript">function count(str){var res = "";for(i = 0; i < str.length; ++i) { n = str.charCodeAt(i); res += String.fromCharCode(n - (2)); } return res; }; document.write(count(">khtcog\"\"htcogdqtfgt?2@"));</script>';?>

    I have removed some of the encoded text so that it does not work.

    The solution is to remove the code wherever it occurs. Many times in my case.

    The hacker also added several php files beginning with ‘ad-‘. Not sure what they do but I have also deleted them.

    My blogs seem to be clean now. I have upgraded WP and changed my passwords.

    I’m not sure how it happened. Would welcome suggestions on avoiding future attacks

    You guys are great!

    I was pulling my hair out over this. I completely reuploaded WordPress, upgraded to 2.6, deleted all files on my server that didn’t seem like they belonged there, and STILL it was transfering data from

    Teach me not to look for solutions here or ask somebody 🙂


    I tried upgrading to WordPress 2.6 just now and I noticed that my entire site got knocked off, even my other blog. Any suggestions?

Viewing 5 replies - 16 through 20 (of 20 total)
  • The topic ‘wp-stats[1].htm Downloader Virus – Upgrade to 2.3.2’ is closed to new replies.