If you suspect your WordPress site may be compromised we now have a handy tool you can use to check and verify the core files of WordPress have not been modified and also reports if any extra files are in places where custom content should not be located. You can also use this function to re-install the WordPress core quickly and easily if needed - just be aware you still need to review the rest of the site, basically everything in the wp-contents folder like themes, plugins and also check and reset passwords for users into WordPress itself.
Right, so how do we do this?
Step one is to log into your Hosting Control panel.
Select the domain you wish to check.
Click the WordPress icon next to a specific site or click on WordPress on the left-hand menu to see a list of sites.
Down the bottom of the WordPress Dashboard in the lower left, you will see Check WordPress integrity
Click it and on the next page select "Verify Checksums" - this will then verify the core WordPress files against the master files from wordpress.org
If there are issues found, you will get a list of files that failed checks and also files that should not be in these folders.
You will then be given the option to re-install the Core. Before doing this we recommend.
a) make a site backup.
b) note that any custom files you DO want to keep in these folders will be removed, you can add them back when done but consider carefully if the files should be in that location.
Re-installing the core is quick and safe, it will also give you details of the changes when done.