Title: Malware issue Last modified: August 19, 2021 --- # Malware issue * [rtaffy](https://wordpress.org/support/users/rtaffy/) * (@rtaffy) * [4 years, 9 months ago](https://wordpress.org/support/topic/malware-issue-9/) * Hi Wordfence reported the following as malware: * ``` Filename: wp-content/class-wp-config-sys.php File Type: Not a core, theme, or plugin file from wordpress.org. Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: $_COOKIE;(count($ The issue type is: Backdoor:PHP/cookie.count.10422 Description: Code often seen in file managers and backdoors. ``` * Any advice would be appreciated. Several other files were tagged with similar coding. * Thanks * RTAFFY Viewing 4 replies - 1 through 4 (of 4 total) * Moderator [t-p](https://wordpress.org/support/users/t-p/) * (@t-p) * [4 years, 9 months ago](https://wordpress.org/support/topic/malware-issue-9/#post-14785542) * Carefully follow [this guide](https://wordpress.org/support/article/faq-my-site-was-hacked/). When you’re done, you may want to implement some (if not all) of [the recommended security measures](https://wordpress.org/support/article/hardening-wordpress/) and [start backing up your site](https://wordpress.org/support/article/wordpress-backups/). * Thread Starter [rtaffy](https://wordpress.org/support/users/rtaffy/) * (@rtaffy) * [4 years, 9 months ago](https://wordpress.org/support/topic/malware-issue-9/#post-14785558) * Thanks, but that is a pretty general reply. I use WP because I am not a programmer. And we’re poor. * I use Wordfence I use Updraft Plus for backup. * I’ll wade through the article more thoroughly to see what I might do about these reports. Reports specific to plugins I am getting their replies and working on those. The ones about WP are more tricky for me it seems .. RTAFFY * Moderator [t-p](https://wordpress.org/support/users/t-p/) * (@t-p) * [4 years, 9 months ago](https://wordpress.org/support/topic/malware-issue-9/#post-14785569) * More useful sources: – [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)– [https://www.wpbeginner.com/wp-tutorials/how-to-find-a-backdoor-in-a-hacked-wordpress-site-and-fix-it/](https://www.wpbeginner.com/wp-tutorials/how-to-find-a-backdoor-in-a-hacked-wordpress-site-and-fix-it/)– [https://www.wpbeginner.com/plugins/how-to-scan-your-wordpress-site-for-potentially-malicious-code/](https://www.wpbeginner.com/plugins/how-to-scan-your-wordpress-site-for-potentially-malicious-code/)– Wordfence plugin: do full scan of your site. – You can also use another scanner: [https://wordpress.org/plugins/search/malware+database](https://wordpress.org/plugins/search/malware+database)– Also, Scan for “some string” using [https://wordpress.org/plugins/string-locator/](https://wordpress.org/plugins/string-locator/)– If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Off hand, couple of names that come to mind are Sucuri and Wordfence. * Thread Starter [rtaffy](https://wordpress.org/support/users/rtaffy/) * (@rtaffy) * [4 years, 9 months ago](https://wordpress.org/support/topic/malware-issue-9/#post-14785587) * Thanks Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Malware issue’ is closed to new replies. * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 4 replies * 2 participants * Last reply from: [rtaffy](https://wordpress.org/support/users/rtaffy/) * Last activity: [4 years, 9 months ago](https://wordpress.org/support/topic/malware-issue-9/#post-14785587) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics