cedaly1968 on "wordpress/wp-content/themes/twentyeleven/lib.php is malicious"
It has perms of 0000 and I cannot edit them to 755 or 700 either. The file is set and does not seem to be able to be changed or deleted.
View Articlecedaly1968 on "wordpress/wp-content/themes/twentyeleven/lib.php is malicious"
I tried to move it and it says there is no such file.
View ArticleAndrew Nevins on "wordpress/wp-content/themes/twentyeleven/lib.php is malicious"
I'm sorry to say that it looks like you've been hacked, as 'lib.php' is not part of the Twenty Eleven theme. You need to start working your way through these resources:...
View Articlett22tt on "[Plugin: Wordfence Security] Malware in Wordpress which Wordfence...
Hi all, I have scanned my website with sitecheck.sucuri.net It does say that I have MW:SPAM:SEO ->...
View Articleswachhsite on "wordpress/wp-content/themes/twentyeleven/lib.php is malicious"
If you are unable to delete, change the perimission via cpanel or ftp, then contact your hosting service provider and request to delete the same. They wil be able to do it from their end. Also, check...
View Articleswachhsite on "[Plugin: Wordfence Security] Malware in WordPress which...
Not sure about the email id you need to send it to. Did you trace this malicious js script in you files. Check for the script under theme index, funtions.php and header.php files. Search for keyword '...
View Articlerikkefunch on "[Plugin: Anti-Malware Security and Brute-Force Firewall]...
I have taken over administrating a website for a client. I can see that, it must be infected since there is added text on every page that shouldn't be there in the backend(WP) Moreover, Google informs...
View Articlerngdmstr on "[Plugin: Anti-Malware Security and Brute-Force Firewall]...
Try scanning your site with https://sitecheck.sucuri.net and see if it finds anything. what does the WordFence scan report? Which files are suspected malware?
View Articlerngdmstr on "Malware redirect eradication"
Sounds like the malware is probably located in your .htaccess file (that tends to be where those mobile-only .ru redirects hide)
View ArticleGeeky Software on "[Plugin: Broken Link Checker] Requests: Check link targets...
Please add malware and phishing checks as part of the “Broken Link Checker”. Periodically checking post and comment links for malicious targets would add great value to the plugin and it’s easy to...
View Articlett22tt on "[Plugin: Wordfence Security] Malware in WordPress which Wordfence...
Yes, it redirect to other sites. I do not think that I can scan with this keyword because normally the files are entcrypted. Are the not entcrypted?
View Articlerikkefunch on "[Plugin: Anti-Malware Security and Brute-Force Firewall]...
Thank you so much for your reply. I actually already scanned the page at sucuri.net and it doresn't find anything. Wordfence says: 1. Post contains a suspcted malware URL: Dave Baker job Home Center...
View Articlerikkefunch on "[Plugin: Anti-Malware Security and Brute-Force Firewall]...
I just checked out the Live Traffic feature with Wordfence. There is A LOT of traffic from all over the world and some of the "vistors" are categoried as "warnings" others as "bots".
View ArticleEli on "[Plugin: Anti-Malware Security and Brute-Force Firewall] Potential...
If Wordfence says "Post contains a suspcted malware URL" that means that the malicious URL is not in the PHP code, it is in your post content in the database. You should remove it using the "text" tab...
View Articlerikkefunch on "[Plugin: Anti-Malware Security and Brute-Force Firewall]...
Thank you for your reply. The thing is that I already did that with the posts. I removed the different URLs from the posts but it still comes up with "suspected malware URL". I've also removed the text...
View ArticleEli on "[Plugin: Anti-Malware Security and Brute-Force Firewall] Potential...
ok, it sounds like there are actually three things going on here: 1. Posts: You have had or still have malware links in some of your posts. These need to be removed even if you think it will not solve...
View ArticleLana on "[Plugin: Anti-Malware Security and Brute-Force Firewall] a malware:...
Thank you, Eli: Here is the file: application/x-httpd-php index.php PHP script text <?php /** * GOTMLS Plugin Global Variables and Functions * @package GOTMLS */ if...
View ArticleEli on "[Plugin: Anti-Malware Security and Brute-Force Firewall] a malware:...
You only posted half the file here. I posted my email address so you could send me the whole file as an attachment. Anyway, the first part looks fine so maybe your hosting provider is wrong, or else...
View ArticleLana on "[Plugin: Anti-Malware Security and Brute-Force Firewall] a malware:...
Thank you so much for the reply. The support from the hosting company after I've escalated the ticket to a manager confirmed today that it was a false positive, so we are all good there. Thank you, Lana
View ArticleMakeworthy Media on "How to find the source of a potentially malicious file?"
Hi, Simon, did you get any info from iThemes on what's causing the file to appear? I encountered the same thing on a site I'm working on, which is how I found this thread. I'm glad to hear it's not...
View Article