Malware has been detected by Google Chrome on my WordPress Blog..

• 

  cbasta · Member · Aug 18, 2013 at 10:46 pm

  • Copy link
  • Add topic to favorites

  Message from Chrome:

  Danger: Malware Ahead!
  Google Chrome has blocked access to this page on cbasta.wordpress.com.
  Content from http://www.bravotroyohio.com, a known malware distributor, has been inserted into this web page. Visiting this page now is very likely to infect your computer with malware.
  Malware is malicious software that causes things like identity theft, financial loss, and permanent file deletion.

  The blog I need help with is: (visible only to logged in users)

• 

  raincoaster · Member · Aug 18, 2013 at 11:07 pm

  • Copy link

  Usually that is because you’ve hotlinked an image from that site. Do a google search of your site for “bravotroyohio.com” to find the file and delete it.

• 

  cbasta · Member · Aug 19, 2013 at 12:01 am

  • Copy link

  Thanks, the search showed 0 results. I haven’t added or changed any files since at least the middle of June.

• 

  timmypotz2 · Member · Aug 25, 2013 at 3:18 pm

  • Copy link

  Yes I checked your site with http://sucuri.net/ its clean but it doesn’t mean that your website is free to malware. Yes website has a black hole exploit kit. First step scan your computer if your desktop has a malware. 2nd secure your FTP and change your password. and 3rd look at your php files and search for “base64_decode” or “eval” the code longer pretty then removes that code.

• 

  timmypotz2 · Member · Aug 25, 2013 at 3:20 pm

  • Copy link

  Oh forgot to say you can find the code in any PHP files, plugins, cs’s, directories etc. or if you have .htaccess look at the string. If you access your WordPress admin you can install exploit scanner http://wordpress.org/plugins/exploit-scanner/. That plugin will scan the malware strings

• 

  auxclass · Member · Aug 25, 2013 at 3:32 pm

  • Copy link

  Pay no attention to timmy – out side of checking your PC for junk – you have no FTP access here – you can’t edit the php code, and you can’t install Plugin’s here – and the staff make sure that your site is secure and has no”black hole exploit”

  timmy –

  https://en.forums.wordpress.com/topic/7-things-to-know-before-posting-in-wordpresscom-forums?replies=1

  For more on the difference: http://support.wordpress.com/com-vs-org/

• 

  timmypotz2 · Member · Aug 25, 2013 at 3:40 pm

  • Copy link

  Oh sorry im a newbie i did not see http://www.bravotroyohio.com NOT a wordpress. I thought all here is wordpress version. Soooorryyyyy :)