wp-includes/class.wp.php?? | ww.wp.xz.cn

Resolved spooky1
(@spooky1)

8 years, 11 months ago

How can I clear this backdoor? I tried it directly from ftp, but it does not go. What should I do?

File appears to be malicious: wp-includes/class.wp.php
Filename: wp-includes/class.wp.php
File Type: Not a core, theme or plugin file.
Issue First Detected: 1 hour 34 mins ago.
Severity: Critical
Status New
This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: “if ( isset($_REQUEST[‘exec’]) && isset($_REQUEST[‘cmd’]))\x0aDoCmd($_REQUEST[‘cmd’]); else MakeSimpleForm();}?>”. The infection type is: Backdoor:PHP/DoCmd.

Thank you very much for your help.

Viewing 2 replies - 1 through 2 (of 2 total)

wfalaa
(@wfalaa)

8 years, 11 months ago

Hi spooky1,
It could be tricky a little bit, but I highly recommend to calm down and follow these steps precisely “How to Clean a Hacked WordPress Site using Wordfence“, then make sure you are applying these security tips mentioned in “How to Harden Your WordPress Site From Attacks” and “How to Secure Your WordPress Working Environment“.

Thanks.

wfchloe
(@wfchloe)

8 years, 10 months ago

Hello spooky1!

I hope we were successful in helping you resolve your issue with Wordfence! Since we have not heard back from you in the past 2 weeks I will now be marking this support thread as resolved. However, if we still haven’t resolved your issue please reach out to us as we would be more than happy to further assist you!

Thanks and have a great day!
Chloe

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘wp-includes/class.wp.php??’ is closed to new replies.

2 replies
3 participants
Last reply from: wfchloe
Last activity: 8 years, 10 months ago
Status: resolved