Strange issues out of nowhere

It seems your site is still infected. See report:
https://sitecheck.sucuri.net/results/applebrides.com

I can’t figure it out, according to the AVG link there’s 15 compromised pages, but I have no idea how to track them down. Then if you go to the AVG link, click show more about threat activity and timeline, there hasn’t been any activity for quite some time. I think I’ve closed up the vulnerability, it was a timthumb image resizer that was part of my theme.

If this thing still is on my site how do I get rid of it?

Hey mk2mark

AVG can be tricky because of how they detect things. What’s good to note is if you’re seeing it across a number of HTML pages then it might be good to place your focus on the files generating – PHP. Try looking at your header.php, index.php, function.php and footer.php in the theme itself.

The odds are you have a payload in the core file which is then generating a display on the browser.

Food for thought.

Tony

I couldn’t see anything out of the ordinary in any of those files. I compared them to the original theme files.

How about the Core install?

What else do you have on your server? Is it one site on one server?

Just one site on the server. Running whm/cpanel which I know is overkill. The core install seems to be ok too, it’s not long since I completely overwrote everything there with the standard wordpress files and none of them show any modification since then.

Have you submitted to AVG for reconsideration?

Yes, but I don’t think they have done anything about it – would that be the problem? How could it have been working since they blocked it in that case?

Here is the thing with AVG, they’re slow. If you just submitted it today, you have to give it a few days. Yes, that could be the problem.

They have to review then pass their determination, if its clean they’ll remove, but they’re not known for their speed.

I don’t understand your questions here:

How could it have been working since they blocked it in that case?

Tony

AVG initially blocked my site weeks ago, and I experienced what we are seeing today. However, the site started working again – even though avg still listed it as a threat. How could this be if AVG is the reason the site is acting the way it is?

Don’t know, that’s a question for AVG.

Sounds like they scanned it and found it was still housing the infection. if you feel confident you removed it then it’s best to wait it out, see if they agree.

Tony

Ok thanks Tony.

I’m still curious about why my site is affected the way it is – I don’t understand how a decision by AVG somewhere would affect my site, and in such a manner.

Something else that’s strange – the slideshow is not flipping through the posts.

I’ll be honest, I find it hard to understand how these things are linked. Surely this is something confined to the server itself – it seems far to random a thing for an AVG warning about our site to affect only what it has?

Something I’ve just noticed, there is a wordpress.com stats plugin installed which works, but displays no hits to the site.

This is all very strange and I have made no real progress, what else can I do?