stevesearer

The problem came up again today, though I have been unsuccessful in identifying where the novelounge.com code is being inserted into my website.

However, I did delete unused plugins, one being a contact form plugin that became activated mysteriously (I don’t remember activating it). I also cleared the WP-Super-cache and the problem seems to be gone at this point. But after thinking I was successful yesterday, I am not going to be over-confident.

The domain is officesnapshots.com, if anyone wants to check it out and let me know if they are receivign the warnign in Google Chrome, I’d really appreciate it.

Thanks!

Adam, you are correct with it being a MediaTemple issue. The link is here:

https://weblog.mediatemple.net/weblog/category/system-incidents/1378-information-about-compromised-sites

3) I also changed my password and instructed the other admins on my site to do the same.

I had the same issue you are describing, but was able to find and get rid of the problem. Basically, I noticed a couple oddities occur before the Malware warning occurred.

1) The main one was the fact that there were 2 new admin users that I had not created. I promptly deleted those.

2) After realizing that there must have been code inserted into the website, I began searching through the template files to see if I found anything fishy. When I opened the ‘Page Template’ file, I noticed an extremely long and gibberish looking php string that began with “<?php $o =”. I promptly deleted that as well.

After doing both of these things, as well as clearing the cookie and site data in Chrome, revisiting my website seems to be working again without the Malware warning.