payrollexcel

Forum Replies Created

Viewing 2 replies - 1 through 2 (of 2 total)
  • Forum: Fixing WordPress
    In reply to: Suspected Malware on Site
    Thread Starter payrollexcel

    (@payrollexcel)

    9 years, 1 month ago

    I got the following from SG – to be honest, as a novice I have no idea what this means – anyone help?:

    here is the list of suspicious scripts found in your account:

    Scanning [/home/payrolle/public_html] … Please wait…
    [HEX]pharma_redirector [29/03/17] /home/payrolle/public_html/roosters.php
    [HEX]PHP_Backdoor [13/07/15] /home/payrolle/public_html/food.php
    [HEX]php_post_spammer_2 [31/03/17] /home/payrolle/public_html/post.php
    [HEX]pharma_redirector [29/03/17] /home/payrolle/public_html/spots.php
    [HEX]pharma_redirector [29/03/17] /home/payrolle/public_html/sheltered.php
    [HEX]obfuscated_globals_2 [17/08/16] /home/payrolle/public_html/wp-includes/Requests/Hooks.php
    [HEX]obfuscated_globals_2 [17/08/16] /home/payrolle/public_html/wp-includes/Requests/Exception/HTTP/Unknown.php
    [GEN]PHP_backdoor_2 [13/07/15] /home/payrolle/public_html/wp-includes/js/tinymce/langs/menu71.php
    [STR]PHP_GLOBALS_x47x4cx4f [13/07/15] /home/payrolle/public_html/wp-includes/js/jquery/db.php
    [STR]php_code_includer_1 [27/03/17] /home/payrolle/public_html/816d5d/htpvl/alopr/votys.txt
    [STR]php_code_includer_1 [20/03/17] /home/payrolle/public_html/816d5d/htpvl/votys3.php
    [STR]php_code_includer_1 [27/03/17] /home/payrolle/public_html/816d5d/htpvl/votys.php
    [STR]php_code_includer_1 [27/03/17] /home/payrolle/public_html/816d5d/hmofr/alopr/votys.txt
    [STR]php_code_includer_1 [20/03/17] /home/payrolle/public_html/816d5d/hmofr/votys3.php
    [STR]php_code_includer_1 [27/03/17] /home/payrolle/public_html/816d5d/hmofr/votys.php
    [HEX]obfuscated_globals_2 [07/12/16] /home/payrolle/public_html/wp-admin/includes/class-plugin-upgrader.php
    [HEX]obfuscated_globals_2 [17/08/16] /home/payrolle/public_html/wp-admin/includes/class-wp-upgrader-skin.php
    [STR]PHP_GLOBALS_x47x4cx4f [13/07/15] /home/payrolle/public_html/wp-admin/images/diff.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/twentyfifteen/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/shell-lite/header.php
    [STR]PHP_GLOBALS_x47x4cx4f [13/07/15] /home/payrolle/public_html/wp-content/themes/shell-lite/js/press34.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/siteground-wp63/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/siteground-wp23/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/World/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/Universe/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/typal-makewp005/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/twentytwelve/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/elisium/header.php
    [STR]PHP_GLOBALS_x47x4cx4f [13/07/15] /home/payrolle/public_html/wp-content/themes/elisium/js/user95.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/customizr/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/innovative/header.php
    [HEX]eval_base64_obf_mailer [13/07/15] /home/payrolle/public_html/wp-content/themes/innovative/languages/model34.php
    [HEX]obfuscated_globals_2 [20/01/14] /home/payrolle/public_html/wp-content/themes/innovative/sidebar.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/twentythirteen/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/twentyfourteen/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/proclouds/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/attitude/header.php
    [STR]PHP_ref_hijack [31/03/17] /home/payrolle/public_html/wp-content/themes/siteground-wp73/header.php
    [STR]PHP_GLOBALS_x47x4cx4f [13/07/15] /home/payrolle/public_html/wp-content/plugins/wordpress-seo/frontend/model47.php
    [STR]unsecured_php_mailer [31/03/17] /home/payrolle/public_html/wp-content/plugins/jetpack/modules/widgets/facebook-likebox/redsistem.php
    [HEX]eval_base64_obf_mailer [24/03/17] /home/payrolle/public_html/wp-content/plugins/who-hit-the-page-hit-counter/favicon_a0232c.ico
    [HEX]pharma_redirector [29/03/17] /home/payrolle/public_html/subsidies.php
    [HEX]pharma_redirector [29/03/17] /home/payrolle/public_html/undresses.php
    —————————————–
    Scanned Files : 5276
    Scanner Hits : 43

    Forum: Fixing WordPress
    In reply to: Suspected Malware on Site
    Thread Starter payrollexcel

    (@payrollexcel)

    9 years, 1 month ago

    These are the results:

    The only issue that came back was website firewall with a medium risk

    There was no detection of malware

    I am confused…..:(

Viewing 2 replies - 1 through 2 (of 2 total)