WordPress Malware

  • Hi,

    There are files on my website that are infected with malware and i’m having a hard time finding them. i dont want do delete the files i just want to delete the codes that has been causing spam mails. What are the steps i can do to remove them?

    • This topic was modified 6 years, 11 months ago by toshi022.

    The page I need help with: [log in to see the link]

Viewing 9 replies - 1 through 9 (of 9 total)

  • Hi @toshi022

    Your best bet here, in my opinion, is to install WordFence Plugin and run it’s scanner. It comes with the functionality which will point you towards the infected files.

    Additionally, you can also install and run the scan via Sucuri Malware plugin.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Get a fresh cup of coffee, take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

    Thread Starter toshi022

    (@toshi022)

    this was sent to me by our domain provider https://ibb.co/dmuiMc they said that these are the files that has malware and we do need to delete the files just find the unwanted codes and delete it but i can’t see the codes that I need to delete

    • This reply was modified 6 years, 11 months ago by toshi022.

    Hi, I’d delete the 3rd and 5th file right away and check the others for he malicious code.

    Thread Starter toshi022

    (@toshi022)

    Hi,

    The malicious file is still coming back. what can i do to prevent this?

    Thread Starter toshi022

    (@toshi022)

    its coming back but on a different path.

    Thread Starter toshi022

    (@toshi022)

    this is the result of the scan and it shows that its a backdoor known as kidslug. do I need to delete all these files?
    https://ibb.co/hhg6xH

    At this point I’d suggest you seek the expertise of a developer or can opt for WordFence’s paid cleaup plan.

    The files I see are mostly malicious by inserting malicious code in the theme/plugin files and few files are additional (maybe inserted whilst the malicious attempt).

    Once the cleanup is processed, you can harden your WordPress security by follwing this guide – https://codex.www.ads-software.com/Hardening_WordPress

    Additionally you can also install Sucuri WordPress Plugin and use that to harden the security measures.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    Get a fresh cup of coffee, take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘WordPress Malware’ is closed to new replies.