dlachusa on "[Plugin: Wordfence Security] Core Files Modified - have I been hacked?"

Mark,
Yes, I have more to share and need further help. After cleaning everything up per jrf's advice yesterday, I've been hacked again overnight on 3 of my sites (they're all on the same hosting account). I upgraded to Wordfence Premium yesterday (before the second round of hacks). I've contacted my host security dept (Hostgator) and they are looking into it, but any further advice here is appreciated. Clearly my sites/hosting account have been compromised and I need to get to the bottom of it.

Here are the notices I got yesterday afternoon:

On one site (malicious notices reference easy video player files):

* This file may contain malicious executable code
* This file may contain malicious executable code
* This file may contain malicious executable code
* This file may contain malicious executable code
* This file may contain malicious executable code
* This file may contain malicious executable code
* This file may contain malicious executable code
* This file may contain malicious executable code
* This file may contain malicious executable code
* This file may contain malicious executable code

Warnings:

* Modified plugin file: wp-content/plugins/akismet/index.php
* Modified plugin file: wp-content/plugins/akismet/views/config.php
* Modified plugin file: wp-content/plugins/genesis-responsive-slider/style.css
* Modified plugin file: wp-content/plugins/genesis-simple-edits/plugin.php
* Modified plugin file: wp-content/plugins/genesis-simple-edits/readme.txt
* Modified plugin file: wp-content/plugins/jetpack/_inc/header.php
* Modified plugin file: wp-content/plugins/jetpack/modules/minileven/theme/pub/minileven/functions.php
* Modified plugin file: wp-content/plugins/jetpack/modules/minileven/theme/pub/minileven/header.php
* Modified plugin file: wp-content/plugins/jetpack/modules/minileven/theme/pub/minileven/index.php
* Modified plugin file: wp-content/plugins/powerpress/getid3/index.php
* Modified plugin file: wp-content/plugins/powerpress/index.php

On another site:
Warnings:

* Modified plugin file: wp-content/plugins/akismet/index.php
* Modified plugin file: wp-content/plugins/akismet/views/config.php
* Modified plugin file: wp-content/plugins/genesis-simple-edits/plugin.php
* Modified plugin file: wp-content/plugins/genesis-simple-edits/readme.txt
* Modified plugin file: wp-content/plugins/jetpack/_inc/header.php
* Modified plugin file: wp-content/plugins/jetpack/modules/minileven/theme/pub/minileven/functions.php
* Modified plugin file: wp-content/plugins/jetpack/modules/minileven/theme/pub/minileven/header.php
* Modified plugin file: wp-content/plugins/jetpack/modules/minileven/theme/pub/minileven/index.php
* Modified plugin file: wp-content/plugins/si-captcha-for-wordpress/captcha/backgrounds/index.php
* Modified plugin file: wp-content/plugins/si-captcha-for-wordpress/captcha/gdfonts/index.php
* Modified plugin file: wp-content/plugins/si-captcha-for-wordpress/captcha/images/index.php
* Modified plugin file: wp-content/plugins/si-captcha-for-wordpress/captcha/index.php
* Modified plugin file: wp-content/plugins/si-captcha-for-wordpress/captcha/ttffonts/index.php
* Modified plugin file: wp-content/plugins/si-captcha-for-wordpress/index.php
* Modified plugin file: wp-content/plugins/w3-total-cache/inc/options/common/header.php
* Modified plugin file: wp-content/plugins/w3-total-cache/inc/popup/common/header.php
* Modified plugin file: wp-content/plugins/w3-total-cache/lib/W3/PgCacheAdminEnvironment.php

On the 3rd site:
Critical Problems:

* WordPress core file modified: index.php
* WordPress core file modified: wp-admin/index.php
* WordPress core file modified: wp-includes/functions.php
* WordPress core file modified: wp-includes/template.php
* WordPress core file modified: wp-includes/theme-compat/header.php

Warnings:

* Modified plugin file: wp-content/plugins/akismet/index.php
* Modified plugin file: wp-content/plugins/akismet/views/config.php
* Modified theme file: wp-content/themes/twentyfourteen/functions.php
* Modified theme file: wp-content/themes/twentyfourteen/header.php
* Modified theme file: wp-content/themes/twentyfourteen/index.php