Comments on: Help, my WordPress blog is giving a virus warning! http://wordpressguru.eu/2008/12/help-my-wordpress-blog-is-giving-a-virus-warning/ For all your WordPress needs Fri, 04 Jun 2010 21:56:35 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Owen http://wordpressguru.eu/2008/12/help-my-wordpress-blog-is-giving-a-virus-warning/comment-page-1/#comment-245 Owen Thu, 18 Dec 2008 12:30:09 +0000 http://wordpressguru.eu/?p=95#comment-245 @Brett: Well, I looked in the usual places (.htaccess, wp-content, etc) where malicious code sits, but didn't find anything. I started walking through the code but thought that was too much hassle. Then I got the idea of sorting the files in FTP by timestamp and there, in the root, where the 4 files that had been touched with today's timestamp. And there was the extra line of code. I thought I'd blog about it to stop people having to go through the whole investigation process. @Brett: Well, I looked in the usual places (.htaccess, wp-content, etc) where malicious code sits, but didn’t find anything. I started walking through the code but thought that was too much hassle.

Then I got the idea of sorting the files in FTP by timestamp and there, in the root, where the 4 files that had been touched with today’s timestamp. And there was the extra line of code.

I thought I’d blog about it to stop people having to go through the whole investigation process.

]]> By: brettbum http://wordpressguru.eu/2008/12/help-my-wordpress-blog-is-giving-a-virus-warning/comment-page-1/#comment-244 brettbum Thu, 18 Dec 2008 12:27:10 +0000 http://wordpressguru.eu/?p=95#comment-244 How did you track the line of code down to those 4 files? Or even identify it in the first place? How did you track the line of code down to those 4 files? Or even identify it in the first place?

]]>