deelunn2000 0 Posted March 14 Share Posted March 14 Hi There I'm getting this error saying my website has been infected, however I'm doing a scan and I can't find anything with a malware plugin. The website is https://peoplesparksolutions.co.uk/ Can you check for me please? Dee Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,082 Posted March 14 Administrators Share Posted March 14 The website is indeed infected: https://sitecheck.sucuri.net/results/https/peoplesparksolutions.co.uk Quote Link to comment Share on other sites More sharing options...
deelunn2000 0 Posted March 14 Author Share Posted March 14 Can you tell me how I can clean it please? Quote Link to comment Share on other sites More sharing options...
Solution deelunn2000 0 Posted March 14 Author Solution Share Posted March 14 Just to add, I ran a scan this morning and found a suspicious file, which I have since removed and the scan is now showing as clean so I don't understand? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,082 Posted March 14 Administrators Share Posted March 14 I was wrong, the result was from 1 hour ago. After re-scanning it, no threat was found and I'm not getting any alert from ESET while browsing the site either. deelunn2000 1 Quote Link to comment Share on other sites More sharing options...
deelunn2000 0 Posted March 14 Author Share Posted March 14 This is great news, but unfortunately my client (the website owner), is still getting the error message in Edge? I've cleared the cache, is there anything else I can do so the error doesn't appear? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,082 Posted March 14 Administrators Share Posted March 14 Could you post a screenshot of the error that the user is getting? I can open the site in Edge alright and no AV vendor has blacklisted it either according to VirusTotal. deelunn2000 1 Quote Link to comment Share on other sites More sharing options...
deelunn2000 0 Posted March 14 Author Share Posted March 14 He's just cleared the cache and it appears to be sorted - thank you so much for your help Quote Link to comment Share on other sites More sharing options...
deelunn2000 0 Posted March 18 Author Share Posted March 18 Hey there The website is infected again - how can I stop this from happening? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,082 Posted March 18 Administrators Share Posted March 18 wpsec.com reports: WordPress theme in use: Avada Version: 7.7.1 Update to version 7.9.2 https://wpscan.com/vulnerability/6c977bb4-daeb-42ef-b638-f4d323f18d66/ Should it still be getting re-infected, we recommend contacting Sucuri or another website cleaning and monitoring service to help you harden the website against attacks. deelunn2000 1 Quote Link to comment Share on other sites More sharing options...
deelunn2000 0 Posted March 18 Author Share Posted March 18 Thank you! I've updated it there and also noticed a fake administrator user account that shouldn't of been there. Removed them, and changed passwords for all the other users, db and FTP. Hopefully that should stop it 🤞 Quote Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 202 Posted March 19 Most Valued Members Share Posted March 19 (edited) 20 hours ago, deelunn2000 said: Thank you! I've updated it there and also noticed a fake administrator user account that shouldn't of been there. Removed them, and changed passwords for all the other users, db and FTP. Hopefully that should stop it 🤞 You also need to update your Wordpress and your theme , since the theme is vulnerable , and it's possible to add stuff through logged in admins with that vulnerability according to the link that was posted by Marcos. They will be back since the vulnerability is still there waiting to be exploited again. Edited March 19 by Nightowl Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.