I have this exact same problem, all of a sudden. I have several domains. They are working fine, until I visit the Plugins tab in the backend. Then I get the error above and it breaks the site invariably (or at least screws things up, as I use the plugins for functionality).
I’ve never faced anything like this before. Confirmed for three domains so far. I’m not touching the rest, because I’m sure the same will happen.
Any ideas anyone?
WordPress 3.3.1. All plugins are up to date. Nothing new done to any site to warrant this. But I did have a problem recently of malware appearing on my account. It keeps causing problems, and might be causing this problem. But I don’t know.
UPDATE: for me I can confirm that this is malware. I have malware code in every php file on my server. Great. Look at the header of any php file and see if it’s the same for you. Strangely, the sites work fine until you visit the Plugins tab in WordPress.
I’m trying to find a way to get rid of this code globally.
Seems one of my sites was hacked and it’s affecting the whole account.
This happened to me on every website on my 1and1 server and what a pain in my ass it has been! I have even lost several clients.
Any luck finding a cure? I did move a WP site to HUB and they found and fixed it immediately. I am going to find out how they did it. Will keep you posted.
And yes it is malware we just have to figure out how to get rid of it.
I was able to restore from a relatively uninfected backup and then use sitecheck.sucuri.net/scanner/ to find and eliminate malware code across my domains. I then changed all passwords, including FTP, and deleted database users and created new ones. I’m looking into methods of hardening security further. An alternative path is to download your whole account and scan it locally using anti-virus software
Thanks for the update. I am checking out sucuri now.
I am having this problem and sitecheck.sucuri.net/scanner/ says my site is “OK”.
Ya, sucuri said my sites were OK as well. It’s a virus in the header.php file… I think. I will update if I find a resolution.
It’s happening to about 5 of my 20 sites as well .. just discovered about an hour ago. Will try to re-store to an earlier version and report back.
Restore to earlier version successful! Used sitecheck.sucuri.net/scanner/ and did not turn up any malware. Changed all passwords and followed @immanence advice.
Step #1: Restore all code from backup on Godaddy.com by going to FTP File Manager and hitting History, setting to a past date and restoring all directories.
Step #2: Reset password on Admin and remove all users.
Step #3: Change FTP password(s).
Step #4: Delete or change passwords to all WP website user accounts.
Step #5: Re-install WordPress.
Step #6: Change password into Domain Registration (GoDaddy)
Step #7: FTP databases from Backup (I use WP-DBmanager plugin) from website to my local hard drive. Rename each to match the domain name. Scan for viruses.
Step #8: Restore databases from backup.
I hope this helps. It’s a lot of work but I had an infection and I fixed it and then it came back. So, be diligent. Also,
I am on my 3rd wave of infection. I think even my backups are infected. I did so much work to restore from backup. Are my SQL databases infected? I have no idea where to go from here. There is .exe virus code showing up at the top of all of my .php-files throughout all of my websites. Any advice is appreciated. Or if you think you can fix this, I will pay for the help.
