Detected 1 occurrence(s) of ‘\?php.*(eval|urldecode)\(.*\>’: print("\n\ERROR: {$finfo['path']}{$finfo['fname']} will not be auto-deleted, you have to delete it manually if you think it's a threat!" . $fe1 . ' on line: ' . $cnt . "\n\n"); } } // known infection - can be auto-cleaned elseif(preg_match('#^(.*)<\?php(.*)eval(\s*)\((\s*)base64_decode(\s*)\((\s*)(.*)(\?><\?php)*\n#i', $tmp, $matches)) { if($print_infected) print "{$finfo['path']}{$finfo['fname']}"; if($print_infected || $print_all) print "...INFECTED"; […]
↧