Can uploading a wordpress theme incorrectly cause a malware warning?
 

Just installed a new theme on a blog and now it's giving me a mallware warning.

I uploaded through wordpress and it gave me a minor error, so I deleted it and tried again and got no error the second time.

After I go to the mainpage there is now a mallware warning on avwin

The theme came from theme forest so it having mallware in the theme would be very unlikely I would guess.

And when I switch back to the default wordpress theme it is fine.

This happened to anyone else before? Going to delete it again tomorrow and try FTP upload to see what happens.

Any other suggestions or personal experiences?

Thanks in advance :thumbsup

Yes.....

Cool :thumbsup

Is it one you have used before with no warning?

Not insinuating anything against theme forest but it's very easy to hide something in the wordpress theme code and a lot of people never bother to look through it.

I have only tried it on this one site actually. Will try it on another one and see what happens I guess. I'm also going to re-upload it and see what happens.

Will post back with more info.

where did you dl it from?

Theme forest, it's a paid theme. the name is "collection"

I've re-installed it from scratch and just tried another theme and it seems that is still coming up so maybe it's not the theme.

I think it may be an image I uploaded causing the problem because the theme I tried previously that stopped the malware warning didn't display the thumbnail images, this new one I'm trying does and the warning is still coming up.

Now I've just got to find which image is causing the problem :Oh crap

open the page and look in the source, look for any weird iframes or javascript

Ok getting somewhere, this is a very odd problem.

If I take my blogroll down, the error goes away. if I put it back up I get the warning again.

So it's it's blogroll / links related. What could cause that? :S

Also, now I have put the blogroll up I can't view source! WTF!!!

I dunno. Try hiding all of your links (make them invisible). Unhide hide them one at a time until you get the error again. Delete that link.

Good idea! will try that now :thumbsup

Heh, bet yer blogroll is skimming links off to some dick :1orglaugh

A.) Bad guys offer a lot of cool stuff for free, just to spread their attacks
B.) These attacks don't just target you, but your site's visitors
C.) When you add a plugin or theme via WP-Admin (rather than FTP), you may indeed be handing your server and database credentials (username / password) to the bad guys

Some Chinese bastards compromised my site that way and it took Google to tell me :error

i had that happen to me on a theme. had to get a new one

:thumbsup

i bought that one as well, didnt find anything out of the oridnary

Ok thats good to know.

I've removed all links to show 0 and still get the error so it's not that. guess this install must be corrupt. Time to export the posts and start a fresh.