I didn’t notice anything in your code.
Are you sure that it isn’t from your web hosting company (i.e., they post ads on a “free” web hosting package)?
If not, has your site been hacked? Check for plugins that you didn’t install or look at your files (via ftp or your hosting account file manager) to see if there are unexpected files in your home directory.
<div class="textwidget"><script type="text/javascript"><!--
google_ad_client = "pub-5872666637068985";
/* 160x600, created 5/27/10- GO Text */
google_ad_slot = "6500032707";
google_ad_width = 160;
google_ad_height = 600;
//-->
</script>
<script type="text/javascript"
src="http://pagead2.googlesyndication.com/pagead/show_ads.js">
</script></div>
Remove above code from sidebar.php file.
Thread Starter
reefy
(@reefy)
Appreciate your replies
websta –
Am 100% sure its not from the hosting company as i have other sites hosted on there without a problem.
I think it may have been hacked. Ive logged into the admin account and upon loading the dashboard the page redirects to something called d7.zedo.com
I can’t access my FTP either.
Any ideas as to what i can do?
chinmoy29
I can’t delete this as i don’t have access to my FTP, i think it has been hacked
I think it may have been hacked. Ive logged into the admin account and upon loading the dashboard the page redirects to something called d7.zedo.com
100% your site is hacked. Change all the access details (ftp, database, control panel, email address etc). First delete the wp instance then reupload the fresh WP instance. Now change file permission(404 for php files and 555 for css, js, html, image etc)
Thread Starter
reefy
(@reefy)
Thanks chinmoy
will deleting the wp instance n reuploading the fresh wp instance lose any of my articles?
ive already changed my ftp password
all articles now saved in database. Not need back up. just hack your file not database. But if you want so keep a backup.
But important thing is that you will keep a back up of your theme(if you changed any things in your theme ). Then you throughly chack all theme’s file. At the first line there have some encoded script(like eval(base64_decode()). Also check the bottom part of the theme’s js file.
Thread Starter
reefy
(@reefy)
Really appreciate the swift replies chinmoy
After resetting the ftp password i have noticed the advert has complete gone.
I didnt see the wp instance file anywhere. I will be updating to wordpress 3.01 in the next few days so hope to have clean files by then.
I’m just going to check the theme files now for anything that look suspect.
Again thanks for your help 🙂