cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Helper I

Recieved e-mail from Go Daddy saying they found malware on my host site (WP)

This is what the e-mail said:


Please sign in to your hosting account and review the following content and remove or fix the files listed below:

 

php.spam-seo.doorway-gen.043 - html/wp-cron-task.php

 

rex.multi_vars.004 - html/wp-includes/SimplePie/HTTP/wp-blog-footer.php

 

rex.multi_vars.004 - html/wp-password.php

 

Can I get rid of these on my own. How do I do that on my own without paying GoDaddy? How bad is this?

 

 

 

 

 

3 REPLIES 3
Helper I

Re: Recieved e-mail from Go Daddy saying they found malware on my host site (WP)

A Securi external scan says the site is clean.

Helper I

Re: Recieved e-mail from Go Daddy saying they found malware on my host site (WP)

Hi Benny,

 

I've had to clean up malware for some of my clients in the past. It depends how bad it's affected. If only 3 files affected, then it doesn't seem that bad. The first thing I would recommend is make a back up of those files. It shouldn't affect your windows/ios as the malware but do ensure you have a virus/malware scanning real time. 

Sometimes you don't even need the files as they could be auto created by the malware. So after backing them up. Delete them from FTP and see if your website still functions.. 

 

I would first open up these files in notepad and see if you notice anything at the top near the first php tag. It's usually a load of % signs. You should be able to remove them all and save.

php.spam-seo.doorway-gen.043 - html/wp-cron-task.php

rex.multi_vars.004 - html/wp-password.php

 

The below file you should be able to get from the SimpePie plug in. Just download the plugin as a zip file and extract the contents and either replace the infected file with the good copy or do the whole plugin

rex.multi_vars.004 - html/wp-includes/SimplePie/HTTP/wp-blog-footer.php

 

Helper I

Re: Recieved e-mail from Go Daddy saying they found malware on my host site (WP)

jassv, I thank you for the response.

 

I am not tech savvy so what you are advising I really don't understand.

 

Would buying Go Daddy's "web security essentials" (as I have on  another site) clean this up?

 

This is a parked WP site with almost no traffic.  It's just there to have something on the web for what it is.  People looking for it would find it.  I have usually signed in once a month just to insure everything is updated, and now I have installed Wordfence free version, which has also found the  malware.