Does Anyone Understand This ??

Hi Guys been having problems for a few weeks with Avast Anti Virus who have blacklisted my site. Google or no other virus/malware scanners have black listed the site.

Many of my site users are Avast users and traffic and income is down for me. I have been chasing this up with Avast who now say the following.

> The avast alert was for hxtp://

Code hick-up benign

nothing detected

status: ( 92629 bytes ae49e56999d82802727455f0ba83b63acd90a22b

info: ActiveXDataObjectsMDAC detected Microsoft.XMLHTTP

info: [decodingLevel=0] found JavaScript


Read how your site might have been infected:

Core code from WP is mostly secure and updated regularly against insecurities and vulnerabilities,

but there are many plug-ins and extemsions for WP that are less secure and may be vulnerable.

The xmlrpc-php-security issues should be taken up with your hoster as these are web server attacks.

See code

46:< link rel="EditURI" type="application/rsd+xml" title="RSD" href="htxp://" />

47:< link rel="wlwmanifest" type="application/wlwmanifest+xml" href="htxp://" />

There is also an issue with this backlink: …">


GET /p/flash/moogaloop/5.5.0b29/moogaloop.swf?clip_id=62537288 HTTP/1.1


HTTP/1.1 200 OK

Content-Type: application/x-shockwave-flash


Basically this makes no sense to me at all and I dont know what steps are needed to tidy up the site.

Please please please help.

1 Reply


Avast seems to think your wp-mail.php file is (or was) infected. They also don't like that you haven't changed your WordPress code to remove the xmlrpc.php link in your site's HTML .

You need to make sure that your wp-mail.php file is clean. If you're not using the wp-mail.php code then you should remove or rename the file.

Read the link they provided ( to see how to get rid of the xmlrpc.php issue.


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct