Jili slot png maker online,Funny video apps for Android.Recharge Every day and Get Bonus up-to 50%!

Suspected Malware

Roald Moy — Thu, 21 Nov 2024 07:16:40 +0000

Critical Problems:

* File contains suspected malware URL: wp-content/cache/b2c603b-nitropack/UuvJWVeGKWsRyvaDCPWsemUQIYDhAWvl/data/pagecache/mobile/3511a94527377b29cbc1e9b5c81939ec/ssl-d41d8cd98f00b204.html

* File contains suspected malware URL: wp-content/cache/b2c603b-nitropack/UuvJWVeGKWsRyvaDCPWsemUQIYDhAWvl/data/pagecache/desktop/3511a94527377b29cbc1e9b5c81939ec/ssl-d41d8cd98f00b204.html

High Severity Problems:

* Post contains a suspected malware URL: Initial Coin Offering ICO Overview for VogoV

The website is repeatedly attacked by hackers

lubos55 — Mon, 18 Nov 2024 12:43:24 +0000

Since 7.11 I have been fighting repeated attacks on our website
I installed the free version of the Wordfence plugin, which helped me remove some vulnerabilities, but the attacks continued. The scan found 48 new findings, 39 critical and 9 high severity.
Some parts of the findings were categorized as backdoor PHP/a1b2.15070.
I cleaned the site, no findings were detected.
I have Eset antivirus installed on my laptop, which is still blocking me from communicating with https://hudbaaslovo.cz.

On the morning of 16.11. new findings appeared
Critical issues:

File appears to be suspicious or dangerous: wp-includes/blocks/legacy-widget/.e733b7df.css
File appears to be suspicious or unsafe: wp-includes/load.php
File appears to be suspicious or unsafe: index.php

Problems of high severity:

Unknown file in WordPress core: wp-includes/blocks/legacy-widget/.e733b7df.css
Modified WordPress core file: index.php
Modified WordPress core file: wp-includes/load.php

All findings have been removed or corrected.

This morning (18.11.) scan detected 31 findings in which several backdoors were identified.
PHP/lfi.11719
PHP/SerializeIt.A.13398
PHP/commented.13352
PHP/RCE.obfuscated.11616
PHP/commented.13385

Can you advise me how to proceed to get rid of similar attacks? No unwanted activity is visible in activite.log.

Thank you

Lubo?

Exclude a specific part of a code from security scan

vkprog — Fri, 15 Nov 2024 17:24:05 +0000

Hi, I am pro user, and I have always after malware scan and security scans, many critical warnings on suspicious codes by the hundreds, we have a system that embeds perfectly safe music streaming codes from spotify or bandcamp and even svg codes are marked as long suspicious code. Is there a way to tell Clean Talk not to mark those codes “starting with…” as suspicious or critical warnings? for example a code that has “url=https://spotify.com/embed/playlist/…. etc” or for svg files?

Otherwise I love the plugin and I’m a happy customer for several years!

Malware detected by Siteground hosting

lucekpm — Fri, 15 Nov 2024 09:52:57 +0000

Hello! Tell me, is this file generated by your script? Siteground hosting anti-malware system listed is as a threat. Here is the evidence:

“Suspicious files

Details

“11/14/2024 15:07:37 – /home/u593-zmtpyggvoyt3/www/MY-DOMAIN/public_html/wp-content/uploads/wpaicg_user_uploads/processor-from-001.php

And it happened on 2 sites, I have version of 1.8.91 installed in 2 cases. Please, help me with that.

Wordfence scan failing every time

markholland8 — Mon, 04 Nov 2024 20:13:13 +0000

I am trying to get rid of a virus on. my site, It is a redirect hack, I was advised to download and scan with wordfence however I have been trying for days to scan and and it just fails.

Here is the latest log:

[Nov 04 20:00:46:1730750446.666104:10:info]?SUM_ENDOK:Checking Web Application Firewall status

[Nov 04 20:00:46:1730750446.586599:10:info]?SUM_START:Checking Web Application Firewall status

[Nov 04 20:00:46:1730750446.460394:10:info]?SUM_ENDOK:Scanning to check available disk space

[Nov 04 20:00:46:1730750446.454741:2:info]?The disk has 758454.73 MB available

[Nov 04 20:00:46:1730750446.446448:2:info]?Total disk space: 1.48 TB -- Free disk space: 740.68 GB

[Nov 04 20:00:44:1730750444.250118:10:info]?SUM_START:Scanning to check available disk space

[Nov 04 20:00:44:1730750444.205932:10:info]?SUM_ENDSKIPPED:Checking for the most secure way to get IPs

[Nov 04 20:00:44:1730750444.181475:10:info]?SUM_START:Checking for the most secure way to get IPs

[Nov 04 20:00:42:1730750442.074698:10:info]?SUM_PAIDONLY:Checking if your site is on a domain blocklist is for paid members only

[Nov 04 20:00:40:1730750440.067571:10:info]?SUM_PAIDONLY:Checking if your IP is generating spam is for paid members only

[Nov 04 20:00:38:1730750438.045996:10:info]?SUM_PAIDONLY:Check if your site is being Spamvertized is for paid members only

[Nov 04 20:00:38:1730750438.033289:4:info]?getMaxExecutionTime() returning half ini value: 15

[Nov 04 20:00:37:1730750437.984834:4:info]?Got max_execution_time value from ini: 30

[Nov 04 20:00:37:1730750437.885537:4:info]?Got value from wf config maxExecutionTime: 0

[Nov 04 20:00:37:1730750437.049125:4:info]?Calling Wordfence API v2.26:https://noc1.wordfence.com/v2.26/?k=942ae60c17babb0e1486763c86940b42d241256894c2885b2f4fbefa201ac20116ae189a91571132ddab2a040106e9e5a9b32820d96dc419295853498d41cb2b&s=eyJ3cCI6IjYuNi4yIiwid2YiOiI4LjAuMCIsIm1zIjpmYWxzZSwiaCI6Imh0dHBzOlwvXC9oZWxwaXZlYnJva2VuaXQuY28udWsiLCJzc2x2IjoyNjk0ODg1MTEsInB2IjoiNy40LjMzIiwicHQiOiJsaXRlc3BlZWQiLCJjdiI6IjguOS4xIiwiY3MiOiJPcGVuU1NMXC8xLjEuMXciLCJzdiI6IkxpdGVTcGVlZCIsImR2IjoiMTAuMy4zOS1NYXJpYURCLWNsbC1sdmUiLCJsYW5nIjoiZW5fR0IifQ&action=log_scan

[Nov 04 20:00:37:1730750437.040394:1:info]?Contacting Wordfence to initiate scan

[Nov 04 20:00:37:1730750437.014271:10:info]?SUM_PREP:Preparing a new scan.

[Nov 04 20:00:36:1730750436.880203:4:info]?Setting up scanRunning and starting scan

[Nov 04 20:00:36:1730750436.866780:4:info]?Setting up error handling environment

[Nov 04 20:00:36:1730750436.855978:4:info]?Requesting max memory

[Nov 04 20:00:36:1730750436.829759:4:info]?Checking if scan is already running

[Nov 04 20:00:36:1730750436.812341:4:info]?Checking saved cronkey against cronkey param

[Nov 04 20:00:36:1730750436.806864:4:info]?Checking cronkey: 432d4ea6c618a579ed9e5af0b78b56f6 (expecting 432d4ea6c618a579ed9e5af0b78b56f6)

[Nov 04 20:00:36:1730750436.802251:4:info]?Fetching stored cronkey for comparison.

[Nov 04 20:00:36:1730750436.793161:4:info]?Verifying start request signature.

[Nov 04 20:00:36:1730750436.768587:4:info]?Scan engine received request.

[Nov 04 20:00:36:1730750436.699696:4:info]?Scan process ended after forking.

[Nov 04 20:00:35:1730750435.400853:4:info]?Starting cron with normal ajax at URL https://helpivebrokenit.co.uk/wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=0&scanMode=custom&cronKey=432d4ea6c618a579ed9e5af0b78b56f6&signature=57801de3e3e1b5bd21ae9bcc50f1c6a827182396ec65fc3c6d93313227b2c843

[Nov 04 20:00:35:1730750435.373941:4:info]?Test result of scan start URL fetch: array ( 'headers' => WpOrg\Requests\Utility\CaseInsensitiveDictionary::__set_state(array( 'data' => array ( 'content-type' => 'text/html; charset=UTF-8', 'x-robots-tag' => 'noindex', 'x-content-type-options' => 'nosniff', 'expires' => 'Wed, 11 Jan 1984 05:00:00 GMT', 'cache-control' => 'no-cache, must-revalidate, max-age=0', 'referrer-policy' => 'strict-origin-when-cross-origin', 'x-frame-options' => 'SAMEORIGIN', 'content-length' => '32', 'content-encoding' => 'gzip', 'vary' => 'Accept-Encoding,User-Agent', 'date' => 'Mon, 04 Nov 2024 20:00:35 GMT', 'server' => 'LiteSpeed', 'alt-svc' => 'h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"', ), )), 'body' => 'WFSCANTESTOK', 'response' => array ( 'code' => 200, 'message' =>

[Nov 04 20:00:28:1730750428.008180:4:info]?getMaxExecutionTime() returning half ini value: 15

[Nov 04 20:00:28:1730750428.002465:4:info]?Got max_execution_time value from ini: 30

[Nov 04 20:00:27:1730750427.997291:4:info]?Got value from wf config maxExecutionTime: 0

[Nov 04 20:00:27:1730750427.773409:4:info]?Entering start scan routine

[Nov 04 20:00:27:1730750427.753303:4:info]?Ajax request received to start scan.

[Nov 04 20:00:23:1730750423.070442:10:info]?SUM_KILLED:A request was received to stop the previous scan.

[Nov 04 20:00:22:1730750422.975996:1:info]?Scan stop request received.

DANGEROUS

percevalx — Sun, 03 Nov 2024 08:20:50 +0000

Backdoor:PHP/ShellAttckPP.A

Ce programme fournit un accès à distance à l’ordinateur sur lequel il est installé.

plugins\itr-popup\scripts\jscolor\itro-admin-scripts.php

Excellent service & Essential Security

barrypitelen — Thu, 17 Oct 2024 16:38:52 +0000

Have had an account with Malcare since they began their Malware security and cleaning service many years ago.

Over the years they have made improvement upon improvement to make their service the best on the market.

Reliable, efficient and always with excellent human support.

No WordPress site owner should be without this peace if mind, in the sad world of malicious actors.

Highly recommended.

Barry Pitelen.

Must have

Manobal — Tue, 15 Oct 2024 08:18:53 +0000

Wordfence allowed me to repair a site that was completely riddled with viruses due to lack of maintenance for a few years. As a result, I systematically use it for all the WordPress sites that I develop. It is a truly indispensable tool!

It’s hacked. Virus infected, don’t use!!

foulianna — Sun, 13 Oct 2024 05:10:54 +0000

I read all the other similar reviews and the answers by the developers.

To users:

Don’t use this plugin!

My website was infected by a virus that redirected to .top websites (space-robot), a known malicious ad virus that prompts you to allow notifications and opens to ads. (I then realized that probably found it’s way via header permissions and redirected to this .top page)

I kept backups, deleted all plugins, reinstalled core WordPress, and changed all username and passwords. The virus was still there.

Sucuri scan kept finding it hacked.

In the plugins list in admin panel of WordPress there was no visible plugin as WP-code, or anything else.

I searched in plugins ‘add new’ directory, and WP-code was active, but no ‘disable’ or ‘uninstall’ button was available (like this plugin was hidden in some way)!

So how you delete this thing?

Checking the files via ftp client, there was a folder in plugins ‘insert header and footer’. After deleting this folder, WP-code plugin was not installed anymore in my system, and the virus was gone. Sucuri scan finally found my website clean, after 2 months that I’m trying to clean it in several ways.

Only when I deleted this folder from plugins, my website was clean again and running as it should.

To developers: I understand all the excuses you might use to answer to all those people who are telling you that your plugin was compromised, but seriously, fix it!!

Outstanding Protection and Reliability!

Ricardo Jorge — Wed, 09 Oct 2024 17:07:28 +0000

I’ve been using Defender Security for a while now, and I’m thoroughly impressed with its performance. The level of security it provides is unparalleled, keeping my system safe without compromising speed or functionality. The interface is user-friendly, making it easy to navigate even for those who aren’t tech-savvy.

One of the standout features is the real-time protection and timely updates that ensure I’m always safeguarded against the latest threats. Whether it’s malware, phishing attempts, or other cybersecurity risks, Defender Security has consistently proven to be a reliable shield.

Overall, an excellent security solution that I’d recommend to anyone looking for robust protection and peace of mind!