file qppr_frontend_script.min.js is infected
https://wordpress.org/plugins/quick-pagepost-redirect-plugin/
My provider told me that:
{CAV}Win.Trojan.Agent-1395005 in quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js
What happened?
https://wordpress.org/plugins/quick-pagepost-redirect-plugin/
Hi all,
I got a mail from my hosting company that the website has a virus, and I was shocked, as I took all preventive measures and updated the plugins just last week.
Then I tried running ClamAV and it detected Win.Trojan.Agent-1395367 in the official code file.
File: responsive-videos.min.js
Path: jetpack/modules/theme-tools/responsive-videos/responsive-videos.min.js
VT Scan Result – https://www.virustotal.com/en/file/1f6d3e09969916e203c940124ef19b654464ed322c756530e1bcb1267cc93e2c/analysis/1461085848/
AegisLab detects it as – Troj.Script.Gen!c
https://wordpress.org/plugins/jetpack/
Hello,
This theme has a hacked and modified library: html5shiv. All details here:
https://www.virustotal.com/es/file/8ae3755aed81c2b6a6035490f3b6f957b6dc195f3dc9ee489d6cf25a94ab4fe1/analysis/
To fix it you need to replace it with the original source code:
https://cdnjs.com/libraries/html5shiv/
Regards
Joshua Provoste
Hi,
For some reason Windows Defender thinks the download of this plugin contains a Trojan. I’m sure it’s a false positive but I just want to make sure malicious code didn’t slip in somehow.
Thanks,
Dan
https://wordpress.org/plugins/link-library/
Hello, a virus of the type JS:Decode-ADX (TRJ) has infected the header.php file in the “theme” folder. How do I clean it? How do I return to the original state? Thanks for the support
——————
[Large code excerpt removed by moderator per forum rules. Please use Pastebin or a Gist for all large code excerpts, they work better anyway.]
Installed this plugin on a client site last week, and today my site was infected with the adclick virus, so had to delete the plugin. I’m a bit annoyed as both my client and I loved the plugin.
These are the files affected
./wp-content/plugins/woocommerce-pdf-invoices/lib/mpdf/classes/bmp.php
./wp-content/plugins/woocommerce-pdf-invoices/lib/mpdf/classes/grad.php
./wp-content/plugins/woocommerce-pdf-invoices/lib/mpdf/classes/mpdfform.php
./wp-content/plugins/woocommerce-pdf-invoices/lib/mpdf/classes/otl.php
./wp-content/plugins/woocommerce-pdf-invoices/lib/mpdf/classes/otl_dump.php
./wp-content/plugins/woocommerce-pdf-invoices/lib/mpdf/classes/ttfontsuni.php
./wp-content/plugins/woocommerce-pdf-invoices/lib/mpdf/config.php
./wp-content/plugins/woocommerce-pdf-invoices/lib/mpdf/ttfontdata/dejavusanscondensed.GDEFdata.php
https://wordpress.org/plugins/woocommerce-pdf-invoices/
Hello,
I have a little problem.
When I go to my site (homnes.com), a box randomly appears which proposes to load an exe file (sex.exe or anal.exe) coming from a site unknown to me (animalesabandonados.com, as far as I remember).
I do not know where this trouble comes from.
Do you have any idea?
Hi,
The cwebp-linux binary in ewww-image-optimizer is reported as Unix.Malware.Agent-1760567 by ClamAV and Trojan.Linux.ChinaZ by Ikarus. You can check this out on virustotal. I found this after clam on my server reported the file.
Do you know anything about this matter?
Thanks!
Is there any chance that I logged in to wp-admin of my website from a different computer and some trojan got uploaded automatically?
I didn’t upload any images or scripts or styles during that login. I just uncommented three lines of code via visual composer.
But the server started to crash after a couple of hours. The mysql server goes offline every few minutes. This problem hasn’t happened ever before on this server as there are a couple of sites running already.
I downloaded the Woo Ver 3.0.9 build from the repository (enabled Advanced View/Previous Versions -> dropdown list) to my desktop and my antivirus software 360 Total Security (https://www.360totalsecurity.com) warned of a trojan in the file:
Trojan File: woocommerce.3.0.9.zip
Risks: Trojan (virus.vbs.starupxls.b)
https://prnt.sc/fpdcq4
and so I think you may have a problem!
I also downloaded ver 3.1.0 and it does not generate the virus software.
While you might just say “use the newest version” the theme I am using has many woo templates, and I see they need to update 2 of them for your new version which I am certain they will have released an update within the next day (they are superb about this – the Striking MultiFlex theme at ThemeForest – incredibly well supported for 7 yrs now that I have been using them – they pump out updates like clockwork).
In any case, the virus warning is the issue at hand of which I am notifying you to assess.
Thank You
Hi!
I’m getting a positive ID for Trojan.Gen.NPE in the style.css file located here:
so-widgets-bundle/icons/fontawesome/style.css
I’m using the updated version of the plugin.
Could you check please?
Thank you for your kind attention
Trojan was detected by both Wordfence (when installing via WP Updates) and by Microsoft Security Essentials. I have since deleted this plugin from all my sites.
I am trying to setup email piping using either cPanel or IMAP so I clicked on the link (How to set-up email piping using cPanel?)
This link took me to http://pradeepmakone.com/wpspdoc/2016/02/10/how-to-setup-email-piping-via-cpanel/ where my computer was assaulted.
I have also tried other links going to pages on a domain that is no longer registered with you.
I’ve been using this plugin for a long time but after this I will need to re-evaluate.
I’m hoping you can shed some light on this before I convince myself that this plugin is just a huge back door into my server.
Looking forward to a reply.
I was using one of my WordPress plugins, Quttera Web Malware Scanner. It found a JS trojan downloader. So I removed it and cleaned again. Everything was fine. So I downloaded it again and tested again. It still has a JS trojan downloader. How can I resolve or fix it? I love your social media button designs. They do fit my website.
Please contact me as soon as possible.
Severity: enMaliciousThreatType
File: /wp-content/plugins/simple-so/…/simple-social-buttons.php
File signature: 403be872a3f66e621e3247444c11c368
Threat signature: 260efd85d68b71e1f5e21fb909305831
Threat: 044.015.046.016.119.
Details: Malicious obfuscated JavaScript threat (JS Trojan Downloader)
As soon as I activated Gutenberg, in a new installation of WordPress 4.9.8, my local Malwarebytes began blocking cldup.com indicating there was a trojan on that site. This behavior continued each time I went to Gutenberg from my Dashboard menu and each time I left the Gutenberg editor by clicking a different menu item in the dashboard. I had no choice but to deactivate the plugin (beta) and delete it from my WordPress site. I thought I would give it a try and now pray that it is not put into production until cldup.com is secured. Apparently, cldup.com had similar issues back in January of 2017. Is this a lingering leftover from waaaay back then? Or is this a new trojan warning?
Hello,
yesterday I purchased and downloaded blox page builder. Today’s virus scan by GData reports a trojan named Archive.Trojan.Ptrisc.A@gen in blox_img.zip file.
Please tell me what to do now.
Best regards
Rolf
I downloaded the plugin from wordpress.org and then ran VirusTotal scan on the file.
It produced a positive for: Trojan[Exploit]/JS.Pdfka.r, by Antiy-AVL.
These results are often false, but I hope the plugin developer will look into this.
Then – I will change my 1-star rating.
But then again, it may actually have some back-door exploits.
A form-builder plugin would be an ideal one for that purpose.
Beware!