Support » Networking WordPress » Malware detected problem in ms-setting.php – Help!

  • troykd

    (@troykd)


    A linux malware detection software (maldet) popped on ms-setting.php

    FILE HIT LIST:
    {HEX}php.cmdshell.Err0R.229 : /home/mysite/public_html/wp-includes/ms-setting.php

    I can’t just delete this file right? Could I get help with identifying the offending code.

    [Code moderated. Please do not post hack code blocks in the forums. Please use the pastebin]

Viewing 4 replies - 1 through 4 (of 4 total)
  • troykd

    (@troykd)

    Here’s the code on pastebin

    http://pastebin.com/5JxegnjX

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    Uh. THAT is wrong.

    Delete the entire wp-includes folder.

    Download a fresh instance of WP here: http://wordpress.org/download/

    Upload that, and then change ALL your passwords.

    Ryan Hellyer

    (@ryanhellyer)

    I suggested deleting your entire install and reinstalling from a backup.

    If it is feasible, then wipe the database clean and reimport using the WordPress importer (scrubs out any potential nasties from the database. If that isn’t feasible, then make sure you comb through the database looking for any bad stuff that might be in there.

    perezbox

    (@perezbox)

    Sucuri.net CEO

    Hey torykd

    Make sure you disable PHP execution in your includes folder as well and verify your perms on directories and files.

    Good luck.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Malware detected problem in ms-setting.php – Help!’ is closed to new replies.