http://www.kriesi.at/support/tags/malware Support Forum - Tag: malware - Recent Posts en-US Sat, 18 May 2013 19:52:06 +0000 http://bbpress.org/?v=1.0.2 q http://www.kriesi.at/support/search.php http://www.kriesi.at/support/topic/malware-warning-issued-by-wordfence#post-91762 Tue, 15 Jan 2013 21:16:49 +0000 Devin 91762@http://www.kriesi.at/support/ <p>Hi Adendum,</p> <p>Re-download the theme files from Themeforest so that you have a fresh copy. Next, ask your host to scan your site for any malware/exploits/issues.</p> <p>Make sure to also change any passwords associated with your accounts.</p> <p>Right away you can upload a replacement for that specific file from the fresh copy you downloaded to get rid of the issue. The other steps are to make sure it doesn't come back.</p> <p>Regards,</p> <p>Devin </p> http://www.kriesi.at/support/topic/malware-warning-issued-by-wordfence#post-91740 Tue, 15 Jan 2013 18:23:07 +0000 Adendum 91740@http://www.kriesi.at/support/ <p>Hi,</p> <p>Is this a problem?</p> <p>File contains suspected malware URL: /home/content/06/9631006/html/wp-content/themes/replete/includes/helper-social-media.php</p> <p>Filename: wp-content/themes/replete/includes/helper-social-media.php<br /> Bad URL: <a href="http://techcrunch.com/2012/02/19/put-a-fork-in-erp/" rel="nofollow">http://techcrunch.com/2012/02/19/put-a-fork-in-erp/</a><br /> File type: Not a core, theme or plugin file.<br /> Issue first detected: 5 secs ago.<br /> Severity: Critical<br /> Status New</p> <p>This file contains a suspected malware URL listed on Google's list of malware sites. Wordfence decodes base64 when scanning files so the URL may not be visible if you view this file. The URL is: <a href="http://techcrunch.com/2012/02/19/put-a-fork-in-erp/" rel="nofollow">http://techcrunch.com/2012/02/19/put-a-fork-in-erp/</a> - More info available at Google Safe Browsing diagnostic page. </p> <p>And what steps should I take? </p> http://www.kriesi.at/support/topic/malware-warning#post-91618 Tue, 15 Jan 2013 02:20:19 +0000 Ismael 91618@http://www.kriesi.at/support/ <p>Hi alphagraphicsmissoula,</p> <p>I don't think those settings will be lost during a theme update. But just to make sure kindly create a backup to your database, you can use this as a reference:<br /> <a href="http://codex.wordpress.org/Backing_Up_Your_Database" rel="nofollow">http://codex.wordpress.org/Backing_Up_Your_Database</a></p> <p>Also if you have made some customizations in the theme files like custom.css or functions.php, kindly backup those files. (These are the ones that will be lost after a theme update).</p> <p>Regards,<br /> Ismael </p> http://www.kriesi.at/support/topic/malware-warning#post-91552 Mon, 14 Jan 2013 19:22:06 +0000 alphagraphicsmissoula 91552@http://www.kriesi.at/support/ <p>Would there be a way to keep my settings? I know I could save the few CSS changes I made but what about the Angular Admin panel settings such as color scheme, frontpage template etc.? </p> http://www.kriesi.at/support/topic/malware-warning#post-91549 Mon, 14 Jan 2013 19:14:13 +0000 Devin 91549@http://www.kriesi.at/support/ <p>If its 1.5 then yes. I typically just always recommend re-downloading if a user has had any issues. </p> http://www.kriesi.at/support/topic/malware-warning#post-91541 Mon, 14 Jan 2013 18:35:25 +0000 alphagraphicsmissoula 91541@http://www.kriesi.at/support/ <p>Thank you for replying! I actually just downloaded Angular a few weeks ago. Don't I already have the most recent version? </p> http://www.kriesi.at/support/topic/malware-warning#post-91536 Mon, 14 Jan 2013 17:59:35 +0000 Devin 91536@http://www.kriesi.at/support/ <p>Hi alphagraphicsmissoula,</p> <p>First download the most recent version of the theme files from Themeforest. There was a security update in the last release for the main framework files.</p> <p>Once you've updated, ask your host to do a security scan of your server for any malware (explaining the issues). Of course change any administrator passwords on your account(s) as well.</p> <p>Regards,</p> <p>Devin </p> http://www.kriesi.at/support/topic/malware-warning#post-91514 Mon, 14 Jan 2013 16:45:35 +0000 alphagraphicsmissoula 91514@http://www.kriesi.at/support/ <p>Hello. I am getting a Malware warning with certain browsers. Mostly Safari and Chrome.. Firefox seems ok. I do a site scan on sucuri and it brings up malicious code indicators for 4 different files. In ...angular\js\: "avia.js", "aviapoly.js", and "mediaelement-and-player.js". In ...wp-includes/js/jquery/: "jquery.js". All of them had one line of code at the very end of each file that inserted a blank iFrame. If I delete these and rescan the site comes back clean and there are then no malware warnings... but they come back, almost immediately. So I deleted again and set the permissions to each file to 0444. This keeps them clean however no the portfolio items will not display. I'm sure I'm not supposed to set such strict permissions on those js files but I don't know what else to do to keep the site clean and not display a malware warning. Can you help me with this? I'm struggling and shoulda been done last week :( Thank you very much. </p>