Here are some common malware (virus) file names that WordPress Doctor has discovered recently.
List of malware file names commonly found in WordPress
| #. | File Name | Included in wordpress files? |
|---|---|---|
| 1 | Random alphanumeric (about 6 characters).php | ×x |
| 2 | index.php | 0(s) |
| 3 | lock360.php | ×x |
| 4 | radio.php | ×x |
| 5 | content.php | ×x |
| 6 | about.php | 0 (3 items in wp-admin folder) |
| 7 | admin.php | 0 (may be included in plugins) |
| 8 | small.php | ×small.php (may be included in plugin) |
| 9 | moon.php | ×x |
These files can be files that hackers have illegally embedded by exploiting vulnerabilities in WordPress or by hijacking administrative privileges.
In many cases, they serve as an entry point for hackers to deface the site, known as a backdoor.
In particular, if files in the table above that are not included in the general WordPress file set (e.g. small.pbp) are placed by people, it is highly suspected that the site is infected with malware.
How to detect and remove malware?
It is often quite difficult to detect and remove all such hacker-embedded malware by hand, as it may be hidden in deep layers.
It is possible to detect and remove malware with a high degree of accuracy by using a plug-in that mechanically scans for malware.
Free WordPress:Malware Scan & Security Plug-in [Malware and Virus Detection and Removal].
If reinfection is repeated even after detection and disinfection by plug-ins, malware may be embedded via other sites on the server, malware may be written in an infinite loop of server processes, or mechanical detection may have limitations and may not be able to remove everything.
In these cases, we recommend that you contact a malware removal specialist.
