Sash11

Thank you, wfalaa! Will do that.

I did. I had a lot of files infected. Some of them were able to restore, some I cleaned manually. Now I am down to three files, all from wordfence directory. And I don’t know what to do with them.
If noone can help, I’ll just delete directory and reinstal wordfence. Can’t do any harm to it, I guess

Here is the copy/paste

This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: “explode(chr((198-154)),’5785,49,4594,30,5177,40,335,67,4968,24,4399,61,3676,56,4035,22,3550,35,1191,37,1807,65,4568,26,3208,20,5516,70,2887,31,”. The infection type is: Backdoor:PHP/eawtliul.