Tagged: , ,

Viewing 26 posts - 1 through 26 (of 26 total)
  • Author
    Posts
  • January 31, 2017 at 10:55 am #740553
    steliosagapiou

    Dear Support,

    Wordfence found critical problem in the php file

    wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/html-helper.class.php

    Please let me know if I have to delete the file and upload a new one or upgrade all the theme files.

    Regards

    Stelios

    January 31, 2017 at 11:05 am #740556
    dirkvisser

    Same problem. Seems like the link they use got hacked. The link (http://www.link.at/) DON’T VISIT ATM is mentioned as a comment.

    //fallback for previous default input link elements: convert a http://www.link.at value to a manually entry
    if(strpos($element[‘std’], ‘http://’) === 0) $element[‘std’] = ‘manually,’.$element[‘std’];

    Nothing to worry about as long as you don’t visit the website. Most browsers will block the site anyways.

    • This reply was modified 7 years, 9 months ago by dirkvisser. Reason: changed websites to browsers
    January 31, 2017 at 11:46 am #740568
    ConnyQ

    i have the same problem today on 8 Enfold websites :( What shall i do now?

    January 31, 2017 at 12:22 pm #740582
    Mario

    Same problem on 6 Enfold sites, all using wordfence. Any ideas to fix this?

    January 31, 2017 at 12:34 pm #740584
    Sitbackeu

    Yep, same warning over here. What to do about it? Firefox blocks the whole url now.

    January 31, 2017 at 12:35 pm #740585
    poppenhaeger

    I also have this problem.

    “Adding issue: File contains suspected malware URL: /home/thingsc/www/die-barracudas.ch/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/html-helper.class.php”

    I deleted the file with wordfence and now my enfold website is down :-((((

    ****
    Warning: require_once(/home/thingsc/www/die-barracudas.ch/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/html-helper.class.php) [function.require-once.php]: failed to open stream: No such file or directory in /home/thingsc/www/die-barracudas.ch/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/template-builder.class.php on line 111

    Fatal error: require_once() [function.require.php]: Failed opening required ‘/home/thingsc/www/die-barracudas.ch/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/html-helper.class.php’ (include_path=’.:/usr/local/share/pear:/home/thingsc/www/die-barracudas.ch/wp-content/plugins/mailchimp-widget/lib’) in /home/thingsc/www/die-barracudas.ch/wp-content/themes/enfold/config-templatebuilder/avia-template-builder/php/template-builder.class.php on line 111

    ****
    Can you please advice what to do?

    January 31, 2017 at 12:37 pm #740586
    Mario

    poppenhaeger you have to reupload the files, the theme needs this file to work.

    January 31, 2017 at 12:38 pm #740587
    george

    Hi there,

    same problem also,

    what if we just take out the suspected url from the comments? would that do the trick?

    thnx

    January 31, 2017 at 12:43 pm #740588
    poppenhaeger

    eny4W: you mean uploading the newest enfold theme via ftp and replacing the folder: wp-content/themes/enfold with the theme files?

    January 31, 2017 at 12:53 pm #740590
    jorche

    Hi,

    i have the same problem, and after looking into source i suggest 2 things:

    .) don’t delete it
    this link ist mentioned in a comment in the file

    .) Kriesi: please update the theme and replace the url http://www.l**k.at to another placeholder url
    http://www.l**k.at is blacklisted as a malware site, that’s why wordfence sees the theme corrupted.

    Best,
    Stefan
    aumayermedia.at

    January 31, 2017 at 12:53 pm #740591
    jorche

    yep, this would do the trick for now

    January 31, 2017 at 12:58 pm #740593
    perprod

    Same issue here, need a fix!

    January 31, 2017 at 1:06 pm #740599
    perprod

    Is there anything we should be doing immediately? Is it a problem in the short term?

    January 31, 2017 at 1:25 pm #740606
    Trender

    Got several clients mailing (in distress), thinking they got hacked.
    All got the same Wordfence message.

    I hope this will be fixed quickly.

    January 31, 2017 at 2:45 pm #740652
    Yigit

    Hey!

    Please refer to this post – https://kriesi.at/support/topic/wordfence-found-a-suspected-malware-in-an-enfold-php-file/#post-740608

    Cheers!
    Yigit

    January 31, 2017 at 3:00 pm #740665
    aovivo

    same problem here, please assist!!

    January 31, 2017 at 3:04 pm #740668
    Yigit

    Hey!

    Please see the link i posted above. As mentioned, we will add the fix to upcoming update.
    Malicious link is in commented line therefore has no affect at all on your sites.

    Regards,
    Yigit

    January 31, 2017 at 3:23 pm #740683
    Sitbackeu

    Yes, thanks. The link worked. No worries any more.

    January 31, 2017 at 4:56 pm #740749
    jtuselton

    Where can I locate “enfold/config-templatebuilder/avia-template-builder/php/html-helper.class.php file” to edit? Sorry, this is very new for me.

    January 31, 2017 at 5:01 pm #740752
    Yigit

    Hey!


    @jtuselton     You can access the file via FTP. If you would like to make the changes for you, please start a new thread and attach FTP logins in private content field. If you post them here, they will be visible to creator of this thread as well

    Best regards,
    Yigit

    January 31, 2017 at 5:04 pm #740754
    jtuselton

    So, you need my login for my hosting account, correct? BlueHost?

    January 31, 2017 at 5:08 pm #740756
    Yigit

    Hey!

    Yes, we need to access files on your server to edit them. But again, please post them in a new thread in private content field.

    Regards,
    Yigit

    January 31, 2017 at 5:26 pm #740772
    jtuselton

    Thanks Yigit, here’s the link to the new thread. https://kriesi.at/support/topic/possible-malware/

    January 31, 2017 at 5:47 pm #740788
    steetiehj

    My colleague deleted the file, I’ve uploaded it for him but when accessing the admin section of the site we get the following error:

    Fatal error: Class ‘AviaHtmlHelper’ not found in /var/www/vhosts/website.com/httpdocs/wp-content/themes/enfold/config-templatebuilder/avia-shortcodes/blog.php on line 88

    January 31, 2017 at 5:57 pm #740792
    Yigit

    Hi!


    @steetiehj     Please re-install the file and applied the changes explained here – https://kriesi.at/support/topic/wordfence-found-a-suspected-malware-in-an-enfold-php-file/#post-740608
    If you would like us to look into it, please start a new thread and attach temporary admin logins and FTP logins in private content field

    Best regards,
    Yigit

    January 31, 2017 at 6:00 pm #740800
    poppenhaeger

    resolved, thanks!

  • Author
    Posts
Viewing 26 posts - 1 through 26 (of 26 total)
  • The topic ‘suspected malware’ is closed to new replies.