I did a site for a customer selling energy efficient lighting using oCommerce software. He contacted me this morning saying one of his clients emailed 'I tried to get on your website and received a warning that it was packed
with Win 32 Katusha 0 virus.'. I googled this and it appears to be connected with a line that has appeared in the first line of every php file saying: '<?php /**/eval(base64_decode('aWYoZnVu................19fQ== ')); ?>. It appears on every php file I've looked at in the site, and there must be hundreds of them.
Can anyone shed more light on this for me please?