The email address was the only information I actually needed. I had resolved all issues before posting.
Your "remain calm" comment is both late and condescending.
Your "remain calm" comment is both late and condescending.
My apologies, I wasn't being condescending at all. It's a stock reply.
The email address was the only information I actually needed. I had resolved all issues before posting.
Hey, that's great! I'm glad as a volunteer I was able to provide some help.
Since you've gotten what you needed and I don't want to risk any more misunderstanding, I'll just close this topic now.
Your Dropbox link does not work.
Yes, I found that too, but I think I solved more or less the issue.
I finally decided to clean that particular .js file. That solved the issue, however, the tinymouse function in Mailpoet was no longer working after that. That said, I reinstalled parts of the Mailpoet plugin, restarted the plugin and the issue was solved.
The js code you pasted looks genuine, however it looks like the complete code was not copied. Mostly the malicious script will be injected at the top or end of the file in the case of a .js file. Since there was no malicious script at the top, I guess it was at the end. Glad to know that the issue is fixed.
If it looks like this
https://plugins.trac.wordpress.org/browser/wysija-newsletters/trunk/js/tinymce/tiny_mce.js
Then you're good. If not then you may be hacked.
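As an added example (not part of the thread and not code from any plugin mentioned in it), the check described in the replies above, comparing a local .js file against a known-good copy and reporting whether extra code sits at the top or the end, can be sketched in Python. The function name and the sample strings are constructed for illustration; obtaining the reference copy from the plugin repository is left to the reader.

```python
def _norm(text):
    # Ignore line-ending and trailing-whitespace changes made by FTP clients or editors.
    return text.replace("\r\n", "\n").rstrip()


def compare_to_reference(reference, suspect):
    """Classify how a suspect file differs from a known-good reference copy."""
    ref, sus = _norm(reference), _norm(suspect)
    if sus == ref:
        return {"location": "identical", "extra": ""}
    if sus.startswith(ref):
        # The whole reference is intact and something follows it.
        return {"location": "end", "extra": sus[len(ref):]}
    if sus.endswith(ref):
        # The whole reference is intact and something precedes it.
        return {"location": "top", "extra": sus[:len(sus) - len(ref)]}
    if ref.startswith(sus):
        # Nothing added, but the file is incomplete (e.g. a partial copy/paste).
        return {"location": "truncated", "extra": ""}
    # Anything else: the body itself was changed; report where it first diverges.
    offset = next((i for i, (a, b) in enumerate(zip(ref, sus)) if a != b),
                  min(len(ref), len(sus)))
    return {"location": "elsewhere", "extra": "", "first_diff_offset": offset}


# Constructed sample data: a stand-in for a clean library file and an added block.
REFERENCE = "var tinymce={majorVersion:'3'};\n(function(){tinymce.init=function(){};})();\n"
PAYLOAD = "/* CONSTRUCTED stand-in for injected code */"

if __name__ == "__main__":
    samples = {
        "clean (CRLF)": REFERENCE.replace("\n", "\r\n"),
        "appended": REFERENCE + PAYLOAD + "\n",
        "prepended": PAYLOAD + "\n" + REFERENCE,
        "partial copy": REFERENCE[:20],
    }
    for name, content in samples.items():
        result = compare_to_reference(REFERENCE, content)
        print(f"{name:14} -> {result['location']:10} {result['extra'].strip()!r}")
```

A result of "top" or "end" leaves the original code intact, so replacing the file with the reference copy restores it; "elsewhere" or "truncated" means the file should be replaced rather than trimmed by hand.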
Guys,
Many thanks for your reply. It's much appreciated. Perhaps it was the WP plugin "Anti-Malware from GOTMLS.NET" itself that caused this issue to pop up. I don't have enough knowledge, but when I ordered the Anti-Malware plugin to clean this js file, it cleaned it and I thought, problem solved, but then it turned out that the MailPoet tinymce didn't work. As said before, I replaced the MailPoet tinymce.js files and the issue was solved.
Good to know a little more about the background. Thanks swachhsite!
This is another false-positive unfortunately.
Hi,
I hope someone can help?
My website has been hacked, I have deleted all the files that my host told me were the problem files, but I can only log in through Cpanel, when I try to login through WordPress I get this error message:
Warning: require(/home/spencerw/public_html/wp-includes/vars.php) [function.require]: failed to open stream: Permission denied in /home/spencerw/public_html/wp-settings.php on line 202
Fatal error: require() [function.require]: Failed opening required '/home/spencerw/public_html/wp-includes/vars.php' (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/spencerw/public_html/wp-settings.php on line 202
Is there anything I can do to gain access, as I do not want to have to start over again........
Thanks in advance
Spence
Hi Spence. The recommended process is to start working your way through these resources:
https://codex.wordpress.org/FAQ_My_site_was_hacked
https://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/
Then follow the recommendations here:
https://codex.wordpress.org/Hardening_WordPress
http://codex.wordpress.org/Brute_Force_Attacks
Additional Resources:
http://sitecheck.sucuri.net/scanner/
http://www.unmaskparasites.com/
https://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html
Pretty interested in results too!
Howdy ho,
We have been subjected to a malware hack that is redirecting to an online sales site when our site is accessed via a mobile or tablet device. The culprit is http://jweek.ru/af25. My problem is I am unable to find the locations of the code to delete it - any ideas?
Secondly,
I backed up the original site but am unable to locate how to load it back in??
Peter
Great stuff.
many thanks bdbrown.
Spence
You've been hacked.
You need to start working your way through these resources:
Additional Resources:
You're welcome.
The hosting providers got back to me and came up with what I have found:
"I have had a further look into this and unfortunately, I was not able to find where the redirects are coming from in the site this time around, do you know when the site was last working correctly before this started redirecting?
I ran a few searches for the links which seemed to have come up empty and only false positives being flagged up when searching for other typical malware."
I have found that two scripts are running on the site: apu.php and banners.js - neither of which is on the server; both are being run from another site ("go.onclasrv.com/apu.php?zoneid=676655" and "eclkmpsa.com/adServe/banners?tid=79479_131506_0&tagid=2"). You can see the code for these by following the links.
I can't believe I am the first person to encounter this problem...?
The source page for website looks fine, try switching to different theme and see if the issue persists. Didn't your hosting service provider give any malware files scan list?
Malware scanner has identified this file as potentially malicious. I tried deleting it and it will not delete. Is this file required for some reason??? The twentyeleven folder is empty except for this file.
How are you trying to delete it?
Tried deleting via CPanel.