Jili 98 login philippines.Claim Your Free 999 Pesos Bonus Today

(@kewalnautiyal)

My new website [ redundant link removed ] having a malicious error due to PHP code injection. I am not able to run the Google Adword campaign due to this bug.
It would be appreciable if anyone could help me out to resolve this bug.

Below is the detailed error report:

Malware Scanner Report:
=======================================================================
Quttera Web Malware Scanner plugin for WordPress
Website Malware Scan Report

Scanned Website: https://goholidaytravels.com
Scan type: Internal
Report generation time: 2019-12-09 10:09

Scan launch time: 2019-12-09 10:03
Scanned files: 6089
Clean: 6082
Potentially Suspicious: 0
Suspicious: 5
Malicious: 2
=======================================================================

FILE: wp-includes/wp-vcd.php
FILE_MD5: cbf518a7a6722d9c7a9086e57e062737
SEVERITY: enSuspiciousThreatType
ENGINE: fscanner
THREAT_SIG: cbf518a7a6722d9c7a9086e57e062737
THREAT_NAME: Heur.AlienFile.gen
THREAT: Unknown file in core directory...
DETAILS: Detected unknown file in core directory

FILE: wp-includes/wp-tmp.php
FILE_MD5: bf226c41d0b4c42458516bdbd5e7f446
SEVERITY: enSuspiciousThreatType
ENGINE: fscanner
THREAT_SIG: bf226c41d0b4c42458516bdbd5e7f446
THREAT_NAME: Heur.AlienFile.gen
THREAT: Unknown file in core directory...
DETAILS: Detected unknown file in core directory

FILE: wp-includes/wp-feed.php
FILE_MD5: 7ba81b28edc0df0bdcc6dfb6a6b3a19f
SEVERITY: enSuspiciousThreatType
ENGINE: fscanner
THREAT_SIG: 7ba81b28edc0df0bdcc6dfb6a6b3a19f
THREAT_NAME: Heur.AlienFile.gen
THREAT: Unknown file in core directory...
DETAILS: Detected unknown file in core directory

FILE: wp-includes/post.php
FILE_MD5: f97bca07e3c42f344986fe4c23dd0b07
SEVERITY: enSuspiciousThreatType
ENGINE: fscanner
THREAT_SIG: f97bca07e3c42f344986fe4c23dd0b07
THREAT_NAME: Heur.CoreFile.gen
THREAT: Modified core file...
DETAILS: Detected modified core file

FILE: wp-includes/.htaccess
FILE_MD5: 83c059a741ce3c1a46bde1a66216656e
SEVERITY: enSuspiciousThreatType
ENGINE: fscanner
THREAT_SIG: 83c059a741ce3c1a46bde1a66216656e
THREAT_NAME: Heur.AlienFile.gen
THREAT: Unknown file in core directory...
DETAILS: Detected unknown file in core directory

FILE: wp-content/themes/tour-operator/functions.php
FILE_MD5: 5a28acb294e24f98087b71e8728f0177
SEVERITY: enMaliciousThreatType
ENGINE: fscanner
THREAT_SIG: 1381cc1143ba2d9a6db1dde176c1d24d
THREAT_NAME: Trojan.PHP.Injection.gen.1c6
THREAT: <?php if (isset($_REQUEST['action']) && isset($_REQUEST[...
DETAILS: Detected injected PHP code

FILE: wp-content/themes/travel-agency/functions.php
FILE_MD5: 3789b05609c0ba5679b3c52bc337ae23
SEVERITY: enMaliciousThreatType
ENGINE: fscanner
THREAT_SIG: 9ab21595d286c0b54046a43e8e91236c
THREAT_NAME: Trojan.PHP.Injection.gen.1c6
THREAT: <?php if (isset($_REQUEST['action']) && isset($_REQUEST[...
DETAILS: Detected injected PHP code

This topic was modified 4 years, 11 months ago by Jan Dembowski.
This topic was modified 4 years, 11 months ago by Jan Dembowski.

The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

Rara Themes Support
(@rarathemesupport)

4 years, 11 months ago

Hello @kewalnautiyal,

I just read your whole report and found out that your installation has been affected by the virus.

I am sorry to say but it looks as if you have used some nulled themes on your installation or maybe in the server which had that virus intact along with all the themes.

The reason behind the infection could be plenty. Most common of which are:

Use of a nulled theme – the wp-vcd malware in many cases comes pre-installed with every downloaded theme from nulled theme websites

Use of outdated WordPress plugins & themes for your site.

No Web Application Firewall (WAF) installed to block hacking attempts made by hackers
Since your installation has been already affected.

It usually creates an unusual code in functions.php. Please delete that code or you can just delete the theme and reinstall and activate the theme again.

Right now, all the themes in your cPanel might be affected so you can consult with your hosting provider or just do it manually.

You can just ask the Hosting provider and their developers might fix this issue as soon as possible.

If you want to do it yourself then you can just read this blog
— https://www.getastra.com/blog/911/how-to-fix-wp-vcd-backdoor-hack-in-wordpress-functions-php/#Approach-1-8211-Search-for-files-on-the-server-that-are-usually-infected-with-the-wp-vcd-hack

You can just check the above blog and do it yourself. There is process of removing this virus which is affecting your installation right now. Please remove the unwanted plugins if there are any.

Have a good day!

Moderator Jan Dembowski
(@jdembowski)

Forum Moderator and Brute Squad

4 years, 11 months ago

Please remain calm and give this a good read.

https://www.ads-software.com/support/article/faq-my-site-was-hacked/

When you have successfully deloused your site then consider giving this a read too.

https://www.ads-software.com/support/article/hardening-wordpress/

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Detected injected PHP code’ is closed to new replies.

Tags