Title: Unknown files Last modified: August 18, 2017 --- # Unknown files * Resolved [LisaMB](https://wordpress.org/support/users/lisamb/) * (@lisamb) * [8 years, 9 months ago](https://wordpress.org/support/topic/unknown-files-2/) * This is a brand spanking new site uploaded yesterday and it has a number of unknown files. We had a lot of trouble uploading this site to a host already chosen by the owner of the site – not one I would have chosen. Anyway these are the unknown files: * wp-includes/theme-compat/comments-popup.php wp-includes/js/tinymce/wp-mce-help. phpwp-includes/js/tinymce/plugins/wpfullscreen/plugin.js * wp-includes/js/tinymce/plugins/wpfullscreen/plugin.min.js wp-includes/js/tinymce/ skins/lightgray/fonts/readme.mdwp-includes/js/tinymce/skins/lightgray/skin.ie7. min.css * wp-includes/js/tinymce/plugins/media/moxieplayer.swf wp-includes/functions.php. orig wp-admin/theme-uploader.php wp-admin/plugin-uploader.php wp-admin/uploader/ pclzip.lib.php wp-admin/uploader/upload.php wp-admin/js/wp-fullscreen.js wp-admin/ js/wp-fullscreen.min.js wp-admin/includes/upgrade.php.orig wp-includes/functions. php.orig wp-admin/plugin-uploader.php wp-admin/theme-uploader.php wp-admin/uploader/ pclzip.lib.php wp-admin/uploader/upload.php wp-admin/js/wp-fullscreen.js wp-admin/ js/wp-fullscreen.min.js wp-admin/includes/upgrade.php.orig Viewing 7 replies - 1 through 7 (of 7 total) * [Caleb](https://wordpress.org/support/users/crudhunter/) * (@crudhunter) * [8 years, 9 months ago](https://wordpress.org/support/topic/unknown-files-2/#post-9419857) * It might have just been uploaded, but it is obviously a VERY non-standard, existing WordPress copy you uploaded, that has been significantly modified (or maybe even is infected). * a) notice the ‘.orig’ files, indicating that there has been manual editing of various files going on. * b) There is no “wp-admin/uploader” directory in a “brand spanking new” WordPress. Same for most of the other stuff. Don’t belong. * If I were you, I would listen to WordFence and be quite nervous about the fact that most of the added stuff has to do with “uploading”. That is typically where all the infection paths into WordPress exist. * WordFence is just telling you that all that stuff, which you might already know about, is non-standard and should be checked out, since it cannot match it to standard WordPress core files. * Might want to go take a look at these files and see where they came from. * Thread Starter [LisaMB](https://wordpress.org/support/users/lisamb/) * (@lisamb) * [8 years, 9 months ago](https://wordpress.org/support/topic/unknown-files-2/#post-9419880) * Thank you very much Caleb. This is getting beyond my technical expertise but I think we’ll change hosts to one I trust. * [Caleb](https://wordpress.org/support/users/crudhunter/) * (@crudhunter) * [8 years, 9 months ago](https://wordpress.org/support/topic/unknown-files-2/#post-9419892) * How did you do this install? As a standard WordPress install (downloading from WordPress.org and uploading), using the hosting company’s WordPress Install procedures, or was it an existing WordPress installation that was uploaded? * The files you list do not belong in a standard WordPress install, but if you used the hosting company’s software installer, they could of course have modified WordPress somewhat.. I have never seen this much though. Typically hosting companies install very standard stuff, and they should never install a bunch of extra stuff that does not belong. * I would not be too quick to blame the hosting company, though, without knowing what all this extra stuff actually is. Especially all the “uploading” type of junk. Anything with the word “upload” in it always makes me nervous. 🙂 Various uploaders with security flaws in their coding is frequently how hackers find holes to crawl through. 🙂 * Thread Starter [LisaMB](https://wordpress.org/support/users/lisamb/) * (@lisamb) * [8 years, 9 months ago](https://wordpress.org/support/topic/unknown-files-2/#post-9419905) * It’s a long and convoluted story and while I’ve uploaded dozens of sites, this one has given me more headaches than you can imagine. The host installed WP for me because I simply couldn’t do it via their CPanel. And from there it got more ridiculous. Should have trusted my instincts but given the client had paid for the hosting already before I came on board… * [Caleb](https://wordpress.org/support/users/crudhunter/) * (@crudhunter) * [8 years, 9 months ago](https://wordpress.org/support/topic/unknown-files-2/#post-9419914) * After some research it seems that at least a good part of these files (like the wp-admin/uploader stuff) are part of the WordPress APS package used when you install WordPress via a management system like Plesk on a server rather than by installing manually. * The files are part of the Plesk theme/plugin uploader system so are in fact likely safe & can be ignored. * Might want to risk white-listing them then. * Thread Starter [LisaMB](https://wordpress.org/support/users/lisamb/) * (@lisamb) * [8 years, 9 months ago](https://wordpress.org/support/topic/unknown-files-2/#post-9419941) * Actually ahem, I just did a google search and it does seem that it is what you’ve mentioned. I’ve flagged it with the host. Thanks again for your time. * [wfalaa](https://wordpress.org/support/users/wfalaa/) * (@wfalaa) * [8 years, 8 months ago](https://wordpress.org/support/topic/unknown-files-2/#post-9428766) * Hi Lisa, You may want to take a look at [this reply](https://wordpress.org/support/topic/unknown-file-in-wordpress-core/page/2/#post-7607388) discussing several reasons for having such files and possible ways to overcome this issue. * Thanks. Viewing 7 replies - 1 through 7 (of 7 total) The topic ‘Unknown files’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) * 7 replies * 3 participants * Last reply from: [wfalaa](https://wordpress.org/support/users/wfalaa/) * Last activity: [8 years, 8 months ago](https://wordpress.org/support/topic/unknown-files-2/#post-9428766) * Status: resolved