Please help! HTML:Script-inf

[myvbiz]

Thanks David.

I have emailed the topic to my webmaster. Waiting for response.

[DavidR]

You're welcome, happy hunting.

[dcsorenson]

I'm also getting this error message from Avast when I visit my WordPress 3.2.1 Blog http://www.debbiemcneill.com/wordpress.  (see message below).

Malware Name:  HTML:Script-inf
Malware type: Virus/Worm
VPS version: 110816-0, 08/16/2011

I tested my blog site against the following Malware/Visus Testers:
Google - http://www.google.com/safebrowsing/diagnostic?site=www.debbiemcneill.com   CLEAN
Unmask Parasites (Beta) - http://www.unmaskparasites.com/security-report/   CLEAN
VirusTotal - http://www.virustotal.com/url-scan  1 HIT - MalwareDomainList result Malware site

But it wasn't until I hit this test that I did have some more information.  Unfortunately, there is not information on how to clean it. 
Sucuri SiteCheck - http://sitecheck.sucuri.net/scanner/
Malware found in the URL:
http://debbiemcneill.com/wordpress/?page_id=3

It appears to be on most pages.  YIKES!

I went into each PHP page via the WordPress editor and looked for the offending file, the http://superpuperdomain.com listed on the error report and any unusual script but didn't see it. Any recommendations would be very helpful.

Thanks so much in advance!
Debbie

[DavidR]

It appears your site has been hacked too check your pages, after the closing HTML tag there is a script tag to superdomain.com.
- Please 'modify' your post change the URLs from http to hXXp or www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.

http://www.virustotal.com/file-scan/report.html?id=70381e1edc03c6b4efab48596f98cae469d0d42ef7562d3097f4b2ce5dd915b2-1313519417

You need to ensure that you are using the latest version of wordpress as it is likely that is being exploited.

Also see http://blog.sucuri.net/2011/08/update-to-the-superpuperdomain2-com-malware.html, although this is about superdomain2.com it is the same issue.