really need help!avast report trojan on my wordpress site

i hope somebody helps me in this problem,recently i frequently get “js:redirection-xx” warning when visiting my own site"hxxp://www.feibaibuke.com"(in chinese),"xx"after “redirection” changes,yesterday it’s “PV”,today is “QG”.and block by AVAST!free from visiting.

i shares a host with some guy,no problem with their site,and no problem with my site’s back-end too,warning only appears on front-end.

i run a check on “virustotal.com”,but it shows my site is clean!is it a FP or my site really get infected by some trojan?what should i do?i somehow support my family by this site,so,it’s really really about LIFE SAVING!!!

HELP!!!SOS!!!

sucuri
http://sitecheck.sucuri.net/results/http://www.feibaibuke.com

zulu
http://zulu.zscaler.com/submission/show/d66151f722021534737758cf5bc157f7-1331284833

absolutely infected with malware it seems …

You should not be given any more warnings, as the exploit is now removed. :slight_smile:

http://sitecheck.sucuri.net/results/feibaibuke.com

this site is now down

nope…

http://www.downforeveryoneorjustme.com/www.feibaibuke.com

I get a benign here: htxp://zulu.zscaler.com/submission/show/d66151f722021534737758cf5bc157f7-1331317727
and here: htxp://sitecheck.sucuri.net/results/http://www.feibaibuke.com/
suspicious here: htxp://urlquery.net/report.php?id=29942

polonus

thanks to all experts above,your advise and report is helping!

i’ve contacted host owner,there truely is expliot on my site,and removed some harmful code,but still,we failed to find out where virus comes from,i didt make any special move on this site,system and plugings is updated…really weired…

and after exploit been removed,i used online checking tool test my site,and i got a safe report,but after about 2 hours,when i test again,these virus comes back!but again 1 hour past,until now,virus seems vanished…did i deal with some kind of ghost???

Does the malware still come back? If so, you should check to make sure that none of your other files are writing malware to your site.

Also, if you haven’t done already, it is recommended to change your password.

See: http://codex.wordpress.org/FAQ_My_site_was_hacked