installed plugin and ran scan on newcombeestate.com. Identified many issues - ran the 'fix' and all looked good so i clicked on a link to the page listed (you know curiosity :p...) to see the code (before i donated of course!) and have now got
"Parse error: syntax error, unexpected ';' in /home/content/59/5207659/html/domains/newcombeestate.com/wp-content/plugins/trackable-social-share-icons/index.php on line 1"
I recognised the plugin so i went to remove the plugin but the page reloaded to the error, then checked the website and got the error and now i can only view this error! cant load website or get to wordpress dashboard????
I am so out of my depth!
How do i fix this?
http://wordpress.org/extend/plugins/gotmls/
Your site is working now. It looks like my plugin must have broken the syntax in that plugin file when it removed the threat.
Can I have a look at the backup of the infected file so that I can see why it broke?
You can email attachments directly to: wordpress at ieonly dot com
Mahalo,
Eli
the plugin for the most part worked as promised! Thank you. There was a little piece of code/text left in 2 index.php files. Once I removed those the site worked.
Overall the plugin helped tremendously - it would have been painstaking to have manually tried to remove all the malware code on each file that was infected - having to fix only 2 was a blessing.
I emailed you a file I hope it helps.
Thanks again.
i still have 59 potential threats identified, each with the same code...
eval("?>$content<?php ")
is this something i should watch? Do you ahve any more data on that or know why you have it 'found' in the code?
I guess it just makes me nervous to see that many highlighted.
Thanks
Thanks for that file you emailed! I can now see why it broke and I will be updating my definitions soon to fix that.
As for the "Potential Threats", I generally don't worry about them and have been trying to figure out how to play down the importance of them because they are usually not malicious at all. However, I do find it suspicious that you have 59 of them that all eval that $content variable. Without knowing what that $content variable is set to I cannot say how dangerous it is. Could you send me one of those files too, or post more of the code?
Mahalo, Eli
I updated the definitions to handle that code removal better so you don't get left with a syntax error.
Thanks for your help identifying the problem.
Aloha, Eli
