It seems that I have been hacked (moodle 1.8.3). Art Lader provided me with recovery link http://docs.moodle.org/en/Hacked_site_recovery.
However, I am but a instructional designer and not an IT. When I go to my front page of my moodle I see the following (see below): Where is this file located? I would like to take that code out of there. I have looked everywhere and cannot find it.
- I am going through my cpanel in file manager. It is not in admin index.php etc.. I will upgrade to 1.9.5 once I have done this( if I can). Does anyone outthere do this for a living. I mean disinfect sites?
This is what I want to get rid of: (thanks for your support)
//]]>
</script> </head> <body class="admin course-1 lang-en_utf8" id="admin-maintenance"><i style="display:none"> xeex322705 <a href=http://art.gprc.ab.ca/moodle/query.php?str=cialis>cialis</a> <a href=http://art.gprc.ab.ca/moodle/query.php?str=buy+cialis>buy cialis</a> <a href=http://art.gprc.ab.ca/moodle/query.php?str=generic+cialis>generic cialis</a> <a href=http://art.gprc.ab.ca/moodle/query.php?str=cialis+online>cialis online</a> <a href=http://art.gprc.ab.ca/moodle/query.php?str=cialis+generic+viagra>cialis generic viagra</a>