I’m the content administrator of http://www.addadult.com/ which uses Themefrost’s Envision 220.127.116.11. I’ve been dealing with infected files for a while - bringing the site down often. I’ve since worked with my hosting company who did a hardening service. They suggested I do a clean install of the theme and make sure it’s fully up-to-date. I need help from a developer to do this; I’m a content admin. Here’s the background:
They informed me a WordFence scan found the following files infected:
Those files did not belong in those directories, for example, wp-content/plugins/ps-auto-sitemap/language/ has some .mo files and the code.php file was the only PHP file and it had a different timestamp. Those files were removed.
There were other infected files belonging to the default WordPress themes. My hosting company uninstalled those themes (Twenty Ten, Twenty Eleven, Twenty Twelve, Twenty Thirteen) since they are not in use.
One of the infected files was the header.php belonging to my current theme, Envision. My host removed the malicious code from that file strongly recommended I reinstall the theme using a clean download from the theme provider’s site and work with the theme provider to make sure it is secure and fully updated. This is where I need help as I don’t know how to do this part.
Please message me if you are able to help.