Not sure whether to delete a crucial file that Sophos identified as a virus - please help!

This is a time-sensitive issue - please help if you can!

A web design company just finished designing a website for me. It's a WordPress site that uses WordPress themes. The web design company sent me a zip folder with all of the site files and content, so that I can upload the site to my server and get it up and running. However, before I could upload it, Sophos identified one of the files in it as a virus:

"'Virus/Spyware' Troj/PhpShel-G has been detected and listed in Quarantine Manager". The file's name is "Thumbs.php" and it is located in a WordPress folder called wp-content/plugins.

Should I hit "clean up" for this file? 

Is this file a threat to my computer? Should I not upload the site with this file excluded? If I exclude this file, will the site not work properly? 

I did a quick search regarding Thumbs.php and there were threads saying the company who designed the WordPress theme released an update. Maybe the file can be updated after the website is already uploaded? Not sure what to do here.



This thread was automatically locked due to age.
  • If you install the contents as-is, you will likely end up hosting the BlackHole exploit kit in short order (meaning you will be actively infecting people who visit your site with malware).  Best to get the developers to fix the problem before you go live.  While you're at it, make sure you're using the latest patched version of WordPress and all themes and plugins you install on it -- it is one of the most common vectors of attack for malware, usually through sites that have added plugins and then have failed to patch when security updates are released.
