In addition to yesterday’s problem (click here to read if you havent done so already), I had another problem that was a tad bit nastier. I dont know if the same hacker did this or some other hacker. This is what was happening.

In IE, I type my domain into into the address bar and the page loads, but I also get a virus warning from Nod 32 (my anti-virus program) Somehow, some malicious code had been added to one of my blog post that tried to force a trojan on people that visit the website.

Google also had the site listed as an “attacked site” and when you found the blog in google, it was labled as harmful.

First I had to figure out how to get rid of whatever was contaminating my website. I did a few searches and found a blog post that helped solve my problem.

Go to your Admin Dashboard click on Manage in search type in:
noscript ( this one uses many of other sites so be carefull deleting it if it’s pointing to something like .html) that is malware

iframe

wp-stats-php

if you see something like

<!– Traffic Statistics –>

MALWARE TEXT INCLUDING IFRAME OR SOME IP ADDRESS STARTING WITH 69.132.X.X

<!– End
Traffic Statistics –>

Also go to Admin Dashboard click on Users , delete all users you don’t know or look suspicious.

After I did that, I tested and my antivirus software wasnt going off anymore, but I had a second problem.

How do I get Google to take the “harmful” label off my blog.

This is a little easier to solve. All I had to do is log into my Google Webmasters dashboard and select the url and have it resubmited for review, making sure I check the box saying that I have found and removed any malicious code on my domain.

I did that about 2 days ago and today the “harmful” label has been removed.

All is well and I can start blogging on that site again…if I decide to do so.

One thing I did learn is those updates wordpress are put out for a reason, it would be a good idea to keep Wordpress up to date.