Malware detected problem in ms-setting.php – Help!

Here’s the code on pastebin

https://pastebin.com/5JxegnjX

Uh. THAT is wrong.

Delete the entire wp-includes folder.

Download a fresh instance of WP here: https://www.ads-software.com/download/

Upload that, and then change ALL your passwords.

I suggested deleting your entire install and reinstalling from a backup.

If it is feasible, then wipe the database clean and reimport using the WordPress importer (scrubs out any potential nasties from the database. If that isn’t feasible, then make sure you comb through the database looking for any bad stuff that might be in there.

Hey torykd

Make sure you disable PHP execution in your includes folder as well and verify your perms on directories and files.

Good luck.