An old WordPress install was left unattended on my hosting account and became a vulnerability. So someone uploaded malware. The malware injected this code and spread to all my php files on every website I host!! Fortunately I wasn't using all of them, so just deleted all the installs except for two important websites.
This is a sample of the code found in all the headers:
Code: Select all
<?php $cnnaijatpd = '5c%x78256<.msv%x5c%x7860ftsbqA7I downloaded a copy of my website to my Windows PC and want to know if there is a free app that I can use to easily remove the code or malware from my files? I spent hours manually deleting the malware code, but my wp admin area does not want to work - it shows:
Code: Select all
) { return $id; } ?> Code: Select all
) { return $id; } ?> return $output; } ?>How can I get the site working again?
Thank you,