The hoster complained about viruses on the site. Threw off the information in what files. And blocked until the problem is fixed. Question

E

Evgenia Satonina2020-04-18 01:49:25

Malware

Evgenia Satonina, 2020-04-18 01:49:25

The hoster complained about viruses on the site. Threw off the information in what files. And blocked until the problem is fixed. Question - how to remove viruses?

Hello.
CMS - wordpress, (I confess) a template downloaded for free on the Internet.
Hoster (3 years later), complained about viruses on the site. I indicated the names of the files and was like this ...
The question is how to find the virus code in these files and delete it?

Here are the files if that helps.
https://drive.google.com/file/d/1Kwpk9QBSe_U3IWWlo...
https://drive.google.com/file/d/1_hB8oRkOSjuOVZAh4...
https://drive.google.com/file/d/ 1ogxntwxPnj-p4lxnM...

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

D

Dmitry Gordinskiy, 2020-04-18
@DmitriyGordinskiy

wp-vcd.php
The install_code variable looks insanely weird.
Of course, I suspect that in WP this may not be the case, but this is the most suspicious fragment of all
UPD files:
Yeah, a request to get content from a third-party resource

S

Sergey Karbivnichy, 2020-04-18
@hottabxp

WordPress Virus Wp-vcd Malware

F

freelancer007, 2020-04-18
@freelancer007

The easiest option, and the most reliable, is to restore site files and a database dump from a backup.

O

Orkhan Hasanli, 2020-04-18
@azerphoenix

There is no point in deleting this code, since you had it installed with some kind of plugin. I would venture to guess that you have some premium plugin that you downloaded "for free" and with it all the "beautiful" baggage.
Accordingly, in addition to cleaning these files, look for an infected plugin and remove it. Or it could be in the premium theme you are using. Then look for example in functions.php
Also install the Wordfence plugin and crawl the site