Malware found | WordPress.org

Resolved Robert Eichhorn
(@robert-eichhorn)

9 years, 11 months ago

My web host’s security partner informed me that their security scan had identified malware on my WP website. My web host identified the problem as the file inc-popup.php, located in the modules folder of the Total Security plugin. The problem was identified as a generic mailer/email spam problem. The identification included the term UNOFFICIAL FOUND. What does this term actually mean when referring to malware – as unacceptable code?

Data:
PHP-MAILER-GENERIC-md5-ji.UNOFFICIAL FOUND

Viewing 2 replies - 1 through 2 (of 2 total)

esmi
(@esmi)

9 years, 11 months ago

I’m sorry but it means that your site has been hacked. You need to start working your way through these resources:
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://wordpress.org/support/topic/268083#post-1065779
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Anything less will probably result in the hacker walking straight back into your site again.

Additional Resources:
Hardening WordPress
http://sitecheck.sucuri.net/scanner/
http://www.unmaskparasites.com/
http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

Thread Starter Robert Eichhorn
(@robert-eichhorn)

9 years, 11 months ago

esmi – thanks for the information. I don’t think my site has been hacked. I contacted a WP plugins staff member about the malware problem and he checked the code file for inc-popup.php and did not find any code that would be a generic mailer/email spam problem. I contacted Fabrix Doromo, Total Security plugin developer,and he said the identification of his plugin as malware is a false positive. I contacted my web host’s security partner to determine if their security scan made a mistake. I am waiting for their reply.

A this point in time my website is working just fine. My web host just did another security scan of my site and no malware was found. That is the good news.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Malware found’ is closed to new replies.

Tags

malware

In: Fixing WordPress
2 replies
2 participants
Last reply from: Robert Eichhorn
Last activity: 9 years, 11 months ago
Status: resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics