Incorrectly Deleted wp-includes/wp-sys.php

  • Resolved beacons

    (@beacons)


    10 years, 11 months ago

    After performing a preliminary scan I deleted all files that appeared to be malicious. I thought all of the files were not a core, theme or plugin file. However, I deleted one at “wp-includes/wp-sys.php”

    Now, all WordPress admin pages are blank and most website pages are blank.

    How do I best re-install “wp-includes/wp-sys.php”?

    Thanks.

    https://wordpress.org/plugins/wordfence/

Viewing 4 replies - 1 through 4 (of 4 total)
  • WFSupport

    (@wfsupport)

    10 years, 11 months ago

    Download a fresh copy of wordpress here:
    https://wordpress.org/download/

    Unzip the file and ftp the file back to the server.
    This way you know that the copy is fresh.

    tim

    Thread Starter beacons

    (@beacons)

    10 years, 11 months ago

    Thanks for your help. Now I realized that wasn’t a core WP file and that it should have been deleted. But I am unclear what has caused WP to go blank and most of the web pages. Do I remove Wordfence temporarily to see if that is the reason?

    These are the pages that I deleted:

    Critical Problems:

    * File appears to be malicious: wp-content/plugins/6qpDr9.php

    * File appears to be malicious: wp-content/plugins/PbT2E43.php

    * File appears to be malicious: wp-content/plugins/genesis-simple-edits/plugin.php

    * File appears to be malicious: wp-content/plugins/mojo-marketplace-hg/user.php

    * File appears to be malicious: wp-content/plugins/tZ3pnPO.php

    * File appears to be malicious: wp-content/themes/genesis/lib/functions/options.php

    * File appears to be malicious: wp-content/uploads/dynamik-gen/skins/admin.php

    * File appears to be malicious: wp-includes/SimplePie/HTTP/files.php

    * File appears to be malicious: wp-includes/SimplePie/XML/Declaration/themes.php

    * File appears to be malicious: wp-includes/fonts/lib.php

    * File appears to be malicious: wp-includes/js/info.php

    * File appears to be malicious: wp-includes/js/tinymce/plugins/wpview/page.php

    * File appears to be malicious: wp-includes/js/tinymce/plugins/wpview/user.php

    * File appears to be malicious: wp-includes/js/tinymce/skins/dump.php

    * File appears to be malicious: wp-includes/pomo/common_configuration.php

    * File appears to be malicious: wp-includes/theme-compat/configseparator.php

    * File appears to be malicious: wp-includes/wp-sys.php

    domagojk

    (@domagojk)

    10 years, 10 months ago

    There is no “wp-sys” file in WordPress core files, so you should ignore this.

    WFSupport

    (@wfsupport)

    10 years, 10 months ago

    @domagojk is correct. I believe I answered too quick for which I apologize. At the point it looks like you were compromised, I would have just opted to go to your updates page (www.yoursite.com/wp-admin/update-core.php) and chose to resinstall wordpress to get it back to a clean state. The go through this list of steps again:
    http://docs.wordfence.com/en/My_site_was_hacked._How_do_I_use_Wordfence_to_clean_it%3F
    Pay close attention to the step about removing unused plugins or themes and upgrade them if you need to keep them. Outdated plugins and themes, even if not activated, are used by exploiters and hackers to gain access to your site.

    tim

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Incorrectly Deleted wp-includes/wp-sys.php’ is closed to new replies.