Locating The Virus
Last week I encountered a virus on one of our client’s sites, BillysBestBottles.com. Through a few hours of research and then a few more of search and destroy techniques, I managed to locate virus and delete the problem file. The virus was in the “Author” folder located in a PHP file called ibinc.php.
I actually ended up downloading the entire contents of the site and scanning it with Microsoft Security Essentials, which located the virus in no time.
Deploy Future Countermeasures
I’ve installed a few handy plugins to ensure we don’t get this happening on this site again. The plugins I installed were:
For your overall virus needs. Provides a breakdown and scans your WordPress site. Download
Web Security Tools
Geared more towards PHP & HTACCESS file viruses. Another great virus tool to have. Download
Clearing The Aftermath
After you’ve got your infection contained and removed, you should go about removing links the virus may have created within Google’s Search Engine Cache a.k.a “Google Search Results”. This can be done by logging into your Google Webmaster Tools portal and requesting the removal each link. Do a site search for virus keyword (in my case it was “Viagra”) to find the infected links and posts by typing keyword: yoursitename.com on Google Search. For more information on removing link from Google, check out this help section. I hope this helps people trying to figure out the same problem I had! Thanks for reading!