Possible infected file quarantined

Home Forums BulletProof Security Pro Possible infected file quarantined

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
  • #27933
    Zsolt Edelényi

    I just activated a BPS Pro in a new site. Since then every 15 mins there is a file in quarantine. The same file: …/wp-admin/includes/last_update.txt. The file itself contain the full domain name. What do you think? Is it a begginning of a hack or something else? I found two infected files: admin/includes/class-fud.php and wp includes/canonical.php. The date of these files are equal to my first order in my woocommerce shop. Do you have any idea how it is possible? Woocommerce plugin is activated from the offical website: https://wordpress.org/plugins/woocommerce/ The most important question: what to do now?

    Zsolt Edelényi

    [Topic has been merged into this relevant Topic]
    Recently I have many core files of WP core. Is it possible that there is a background-update? I compared a few files to the original one, but I could not find hacker code, but a few changes.
    This is the current list of updated files:


    I can send you the server log of that time of files quaranteened. Do you have any idea what this means? How these files get into my WP core?

    AITpro Admin

    Sorry for the late reply.  We did not get an email notification about this new forum topic.  Send the files to:  info at ait-pro dot com so we can look at the files to see if they contain hacker code.

Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.