Wordfence do not recognize Malware

  • biohardware

    (@biohardware)


    6 years ago

    After a scan made by Hostgator they told me that I was contaminated by malware, but the Wordfence does not recognize it in my websites. The malware attacks the themes and some plugins. See below:

    /home/biohard1/e-negocio.com.br/wp-content/themes/radiate/functions.php: SL-PHP-FILEHACKER-vd.UNOFFICIAL FOUND
    /home/biohard1/e-negocio.com.br/wp-content/themes/opSmartTheme/functions.php: SL-PHP-FILEHACKER-vd.UNOFFICIAL FOUND
    /home/biohard1/biohardware.com.br/wp-content/themes/twentyseventeen/functions.php: SL-PHP-FILEHACKER-vd.UNOFFICIAL FOUND
    /home/biohard1/biohardware.com.br/wp-content/themes/opSmartTheme/functions.php: SL-PHP-FILEHACKER-vd.UNOFFICIAL FOUND
    /home/biohard1/cerebroharmonico.com.br/wp-content/themes/twentyseventeen/functions.php: SL-PHP-FILEHACKER-vd.UNOFFICIAL FOUND
    /home/biohard1/aprovesuastartup.com.br/wp-content/themes/Avada-Child-Theme/functions.php: SL-PHP-FILEHACKER-vd.UNOFFICIAL FOUND
    /home/biohard1/aprovesuastartup.com.br/wp-content/themes/old_Avada/functions.php: SL-PHP-FILEHACKER-vd.UNOFFICIAL FOUND
    /home/biohard1/marcoquerini.com.br/wp-content/themes/optimizePressTheme/functions.php: SL-PHP-FILEHACKER-vd.UNOFFICIAL FOUND
    /home/biohard1/marcoquerini.com.br/wp-content/themes/Total/functions.php: SL-PHP-FILEHACKER-vd.UNOFFICIAL FOUND
    /home/biohard1/marcoquerini.com.br/wp-content/themes/dazzling/functions.php: SL-PHP-FILEHACKER-vd.UNOFFICIAL FOUND

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • wfdave

    (@wfdave)

    Hi @biohardware,

    Can you post some example files here? Copy and paste it here or on pastebin.com.

    The wp-content/themes/twentyseventeen/functions.php is a default theme, so if it was modified, the Wordfence scan should have picked it up.

    Dave

    magefix

    (@magefix)

    @biohardware you should :

    Before anything else, backup wp-config.php . Make sure its content is clean.

    1. pack all your php files, via SSH
    find . -name ‘*.php’ -o | tar -cvzf php.tar.gz -T –
    2. delete all your php files, via SSH
    find . -name ‘*.php’ -type f -delete
    3. move all your public_html folder to a private area, such as public_html_old
    4. rebuild WordPress from scratch
    a) copy ONLY wp-config.php and fresh WordPress files: https://www.ads-software.com/download/
    b) get a clean theme version: https://www.ads-software.com/themes/radiate/
    c) download all the needed plugins, one by one: https://www.ads-software.com/plugins/

    After all this, you should be good to go.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Wordfence do not recognize Malware’ is closed to new replies.