Forum Replies Created

Viewing 30 posts - 1 through 30 (of 99 total)
  • Author
    Posts
  • in reply to: Google reports malware in enfold file #320648

    @devin: my entry was not meant to blame anyone. i am very much aware of the fact, that i was ignorant as far as security is concerned, just because i had luck – until now.

    Since this attack was something new to me, i wanted to inform you @kriesis, which files had been infected, maybe this is of some help for anyone.

    Cheers, Sebastian

    in reply to: Google reports malware in enfold file #320589

    yes, it is pretty annoying. Our website was hacked on friday and after removing some of the malware by hand, using antivirus, sucuri net and wp antivirus protection guard, still some files were infected. since switching theme is not an option for us, we now had to engage professional service of protection guard to have our site cleaned and de-blacklisted. I do not want to think about the loss we are facing.

    here is the list of infected enfold files:

    /wp-content/themes/enfold/framework/js/avia_advanced_form_elements.js
    ./wp-content/themes/enfold/framework/js/avia_colorpicker.js
    ./wp-content/themes/enfold/framework/js/avia_dynamic_templates.js
    ./wp-content/themes/enfold/framework/js/avia_edit_dynamic_templtes.js
    ./wp-content/themes/enfold/framework/js/avia_media.js
    ./wp-content/themes/enfold/framework/js/avia_media_advanced.js
    ./wp-content/themes/enfold/framework/js/avia_media_wp35.js
    ./wp-content/themes/enfold/framework/js/avia_mega_menu.js
    ./wp-content/themes/enfold/framework/js/avia_option_pages.js
    ./wp-content/themes/enfold/framework/js/avia_sidebar.js
    ./wp-content/themes/enfold/framework/js/conditional_load/avia_conditional_mega_menu.js
    ./wp-content/themes/enfold/framework/js/conditional_load/avia_google_maps_widget.js
    ./wp-content/themes/enfold/js/avia-compat.js
    ./wp-content/themes/enfold/js/avia.js
    ./wp-content/themes/enfold/js/aviapopup/jquery.magnific-popup.js
    ./wp-content/themes/enfold/js/aviapopup/jquery.magnific-popup.min.js
    ./wp-content/themes/enfold/js/mediaelement/jquery.js
    ./wp-content/themes/enfold/js/mediaelement/mediaelement-and-player.js
    ./wp-content/themes/enfold/js/mediaelement/mediaelement-and-player.min.js
    ./wp-content/themes/enfold/js/mediaelement/mediaelement.js
    ./wp-content/themes/enfold/js/mediaelement/mediaelement.min.js
    ./wp-content/themes/enfold/js/mediaelement/mediaelementplayer.js
    ./wp-content/themes/enfold/js/mediaelement/mediaelementplayer.min.js
    ./wp-content/themes/enfold/js/shortcodes.js

    in reply to: Google reports malware in enfold file #319639

    Update: the siteguarding.com Team Managed To remove the two remaining malware files from the Plugin directory. They works pretty fast and obviously it works, Since our Site can be visited again without red Warning page ahead.

    Now let uns see how Long it Takes google To remove the Warning from the serps.

    Regards, Sebastian.

    in reply to: Google reports malware in enfold file #319066

    Hi Ismail,
    Thanks for coming back on my issues.
    How do unhandlich the Virus alert, saying

    /themes/enfold/functions-enfold.php
    if(strpos($html, ‘<iframe’) !== false)
    $created = avia_backend_create_file($stylesheet, $styles, true);

    Thanks for your assistance.

    Regards, Sebastian.

    • This reply was modified 5 days, 23 hours ago by  mirzepapa.
    in reply to: Google reports malware in enfold file #318909

    Next Step: due To wp antivirus Protection guard following suspicious files remain:

    Heuristic Logic Report
    Heuristic algorithm has the capability of detecting malware that was previously unknown. It doesn’t give 100% guarantee that the file is the virus and requires manual review. If these files are not a part of plugins, extentions or website, delete or block them.
    If some of the files are listed above in Antivirus Scanner Report, it’s 100% file with malware inside.
    If you are not sure, you always can contact our support and we will analyze the files.

    Total Scanned Files: 7871
    Total Unsafe Files: 9

    File
    /wp-content/plugins/iphorm-form-builder/includes/common.php
    /wp-content/plugins/redirection/ouq.php
    /wp-content/plugins/w3-total-cache/lvp.php
    /wp-content/plugins/eventON/admin/includes/addon_details.php
    /wp-content/plugins/wysija-newsletters/controllers/ajax/config.php
    /wp-content/plugins/wysija-newsletters/controllers/back/config.php
    /wp-content/muell/w3-total-cache/lib/CSSTidy/data.inc.php
    /wp-content/plugins/w3-total-cache/lib/CSSTidy/data.inc.php
    /wp-content/themes/enfold/includes/admin/dummy.php
    These files are not 100% malicious code/scripts, but contain code elements and commands those have been used in different malicious scripts. Review is required.Each file in the report might contain malicious code. If you decided to send us the files for inspection it might take us up to 24 hours to analyze them and provide you with detailed report (The service is available for paid members only).

    I already managed To remove 12 malware files, so far, so good. Let’s See what google thinks about these steps.

    Regards, Sebastian.

    in reply to: Google reports malware in enfold file #318896

    Hi,

    so i was able to remove most of the marked files, but do not know what to do with this one:

    /themes/enfold/functions-enfold.php
    if(strpos($html, ‘<iframe’) !== false)

    (as marked by Sergej Müllers Antivirus)

    Thanks for your advice,
    Sebastian.

    in reply to: Google reports malware in enfold file #318818

    Antivirus by Sergej Müller.

    in reply to: Google reports malware in enfold file #318809

    Hi,
    using Antivirus, the programm found the following files suspicious:

    - /themes/enfold/config-layerslider/config.php
    $sample_slider = json_decode(base64_decode(file_get_contents(dirname(__FILE__).”/Layer …
    sample_slider = json_decode(base64_decode(file_get_contents(dirname(__FILE__).”/LayerSlider/{$path}{$ …
    //print_r(base64_encode(str_replace(‘avia-samples’,’sampleslider’, …
    … (str_replace(‘avia-samples’,’sampleslider’, base64_decode(file_get_contents(dirname(__FILE__).’/Layer …
    … ia-samples’,’sampleslider’, base64_decode(file_get_contents(dirname(__FILE__).’/LayerSlider/samplesli …

    - /themes/enfold/config-woocommerce/admin-import.php:
    if(isset($id)) $file = get_attached_file( $id );

    - /themes/enfold/functions-enfold.php:
    if(strpos($html, ‘<iframe’) !== false)
    $created = avia_backend_create_file($stylesheet, $styles, true);

    Here is what Google Safebrowsing reports:

    Wie wird musikzentrale.net momentan eingestuft?

    Diese Website ist momentan als verdächtig eingestuft und kann Ihren Computer beschädigen.

    Ein Teil dieser Website wurde aufgrund verdächtiger Aktivitäten in den letzten 90 Tagen 8 mal auf die Liste gesetzt.

    Was ist passiert, als Google diese Website aufgerufen hat?

    In den letzen 90 Tagen haben wir 27 Seiten der Website überprüft. Dabei haben wir auf 10 Seite(n) festgestellt, dass Malware (schädliche Software) ohne Einwilligung des Nutzers heruntergeladen und installiert wurde. Der letzte Besuch von Google war am 2014-09-13. Verdächtiger Content wurde auf dieser Website zuletzt am 2014-09-13 gefunden.

    Die Malware umfasst 127 scripting exploit(s).

    Malware wird auf 3 Domain(s) gehostet (z. B. tyy48.com/, limitlessnewworlds.com/, vertcoin.com.br/).

    Diese Website wurde über 2 Netzwerk(e) gehostet (z. B. AS24940 (HETZNER-AS), AS15169 (GOOGLE)).

    Hat diese Website als Überträger zur Weiterverbreitung von Malware fungiert?

    In den letzten 90 Tagen hat musikzentrale.net scheinbar als Überträger für die Infizierung von 1 Website(s) fungiert, darunter muze1.de/.

    Hat diese Website Malware gehostet?

    Ja. Diese Website hat in den letzten 90 Tagen Malware gehostet. Sie hat 1 Domain(s) infiziert (z. B. muze1.de/).

    Wie ist es zu dieser Einstufung gekommen?

    Gelegentlich wird von Dritten bösartiger Code in legitime Websites eingefügt. In diesem Fall wird unsere Warnmeldung angezeigt.

    Falls Sie der Inhaber dieser Website sind, können Sie eine Überprüfung Ihrer Website hinsichtlich Malware beantragen. Benutzen Sie hierzu die Google Webmaster-Tools. Weitere Informationen über den Prüfprozess erhalten Sie in der Webmaster-Tools-Hilfe.

    I am really helpless facing this problem – since i am not using layer slider – can i delete the config? I was planning to use Woocommerce again …

    Your help is highly appreciated.
    Sebastian

    in reply to: Infinite Redirect #270040

    Topic is ready to be closed, works again, maybe a caching issue.

    in reply to: Enfold Showcase #268516

    Wow, this one looks great! Took me second to identify enfold behind your site ;-)

    in reply to: Event Plugin Claudes issues, style Not loading #256738

    Solved, the issue was caused by the automatted minify settings of w3tc. Disabling the automatic CSS minifying brings back the eventon Stylesheet.

    in reply to: Can't edit pages anymore after update to 2.7 #255503

    Hi Katrin & support,

    same with me, I can confirm the exact issue after updating a site from 2.64 on WP 3.9 to Endold 2.7 this morning: the page i want to edit keeps loading and loading, i am able to publish, change setting for header, sidebar a.s.o., but the actual content, setup with the layoutbuilder on the respective pages, is not accessible.

    A fresh page without the layout builder works just fine.

    Any idea to fix this is highly appreciated, thanks,
    Sebastian.

    in reply to: Enfold Showcase #246395

    With the tansparent header, my biggest Point on the wishlist came true. And so i finally could set up our website as i thought it should be from the very First moment: http://www.musikzentrale.net

    Great theme, especially the permanent struggle To Male it Even better, combined with an outstanding support.

    Cheers, Sebastian.

    in reply to: remove padding from header #245959

    Strike! thank you, Yigit, that did the trick. Solved.

    Have a great day,
    Sebastian

    in reply to: remove padding from header #245953

    Yes, of course – cannot expect everyone to have this in mind ;-) Sorry!

    Here it is: http://www.musikzentrale.net/unterricht/

    in reply to: logo appears twice on transparent header #241227

    Hi Yigit,
    thanks again for helping me. but i am afraid, this does not work either. I now do have again two overlapping logos in the header when scrolling down: the white one, which is supposed to go with the transparent header, and the black-typo one, which is actually to appear on the white header bg upon scrolling.

    Hm, and now?

    thanks for your support.
    Sebastian

    in reply to: logo appears twice on transparent header #240559

    Hi Yigit,
    Thank you for quick responding, but this is only half the Solution To my issue. Since i am using dark photos i need a white logo for the transparent Header. Scrolling down, header bg Color changes to white, so i need the regular logo with dark typo.

    To make the transparent Header perfect, there should be two logo versions: One is Used for the transparent Header, the Otter logo for the colored header section. This is how the X or Eli themes deal with the transparent aera. Are there any Plans on that?

    Best regards
    Sebastian

    in reply to: custom.css does not work in chrome after update #236806

    Hi Devin,
    thanks for pointing me to this. Thought i had already cleared all caches, but only some more clearing processes did the trick. All good now ;-)

    Cheers Sebastian.

    in reply to: custom.css does not work in chrome after update #236210

    strange enough – issues with custom.css only appears when i am logged in to the dashboard …

    in reply to: Header issues after updating to version 2.6 #235445
    This reply has been marked as private.
    in reply to: portfolio sorting issue after upgrading to 2,5,1 #223807

    Don`t know how, but the sorting is back this morning – as it used to be. Topic can be closed.

    in reply to: footer / socket problem on fullwidth masonry pages #219237

    Great, thank you all.

    in reply to: footer / socket problem on fullwidth masonry pages #215486

    Hi Ismael,
    did you already had a chance to look at the site? Do not want to be pushy, just asking.
    Thanks again for your kind offer.

    Regards, Sebastian

    in reply to: Position Mega Menu Submenu #215250

    ups, thanks Ismael, that did the trick ;-)
    thread can be closed.

    Regards, Sebastian

    in reply to: Position Mega Menu Submenu #214990

    Hi Ismael,
    thanks for pointing me to the respective part of the code.
    I set it up with the CSS snippet from above in the custom.css, playing around with pxs to adjust the container along the line, but did not look that great as expected. So i deleted the snippet, but now the submenu is about 100px underneath the main menu. I have removed browser cache at least 50 times now, but the submenu will not move back to the top.

    Is there a conflict with another part in the custom.css, defining the mega_div?

    #header .avia_mega_div {
      box-shadow: 0 30px 60px rgba(0, 0, 0, 0.1);
      display: none;
      margin: -6px 0 0;
      overflow: hidden;
      padding: 5px 0 0;
      position: absolute;
      right: 0;
      top: 100%;
      z-index: 2;
    }

    A confused Sebastian.

    in reply to: footer / socket problem on fullwidth masonry pages #214982
    This reply has been marked as private.
    in reply to: footer / socket problem on fullwidth masonry pages #214924

    Hi,
    here is a pic showing the footer & socket section on top of the page http://www.musikzentrale.net/unterricht/gitarre/. I disabled footer and socket for now, since sunday is our visitors peak day.

    footer_socket issue on masonry pages

    It would be great to use both features, full masonry AND footer socket, which actually does work on another page http://www.musikzentrale.net/ueber-uns/dozenten/.

    Thanks for your help,
    Sebastian.

    in reply to: footer / socket problem on fullwidth masonry pages #214923

    Hi Ismael,
    thank for you advice. So i have been through the Guitar lessons page at http://www.musikzentrale.net/unterricht/gitarre/, which consists mainly of color sections stacked on one another, only “coding” it contains are dropcaps in the text, but they are set properly.
    All other sections contains an image and special heading, the contact form and the video player – all enfolds built in Shortcodes, so even a coding dummy like me cannot get tags unclosed ;-)

    To be honest: I have no idea where to look for open tags or divs …

    Cheers, Sebastian,

    in reply to: Position Mega Menu Submenu #214919

    Hi Ismael,
    thanks for your answer, but this did not solve the problem – yet ,-)

    Please see the attached image: the thin orange line (not contained on the site, i just draw the line for demo purposes) marks the upper border of the submenu div. this container should move about 5px downwards to align with the thin grey line, which is supposedly the bottom-border of .header-main?

    Sub Menu Div alignment

    the CSS you mentioned did not show any result, even if i set it to 100px.

    Any other idea?

    Thank you,
    Sebastian.

    • This reply was modified 7 months, 4 weeks ago by  mirzepapa.
    in reply to: Position Mega Menu Submenu #214822

    Hey Yigit,
    thanks for coming back. Not quite:

    There is a thin, lightgrey line underneath the first level menu items. Hovering this, the submenu appears, and its white box overlapps the grey line just by some 3-5px. I would like to the submenu box aligned to the grey line. I do not even know where to make it move anywhere ;-)

    cheers, sebastian

Viewing 30 posts - 1 through 30 (of 99 total)