Hi there, i have this problem:
Various pages of my site (tipically: html, php and js) are affected by a trojan horse (JS/Kryptik.ADZ for NOD32).
The code in each type of page is like this:
PHP:
#336988#
echo "<script type=\"text/javascript\" language=\"javascript\" > CODE OF MALWARE </script>";
#/336988#
JS:
/*336988*/
CODE OF MALWARE
/*/336988*/
HTML:
<!--336988-->
<script type="text/javascript" language="javascript" >CODE OF MALWARE</script>
<!--/336988-->
So i use Notepad++ and regex to replace malware with blank text.
My regex is this:
(<!--|\#|/\*)336988.+/336988(-->|\#|\*/)
But only HTML is found by this expression. Why?
I don't understand.
I'm sorry if my english and my knowledge of regex is poor.
Thanks
Carlo