Thread:Project:Support desk/Hidden texts automatically inserted in old and new pages/reply (2)

I am using this:
 * MediaWiki 1.19.1
 * PHP 5.3.29 (cgi-fcgi)
 * MySQL 5.5.36-cll

I do not allow auto creation of users. But there is a possibility that one of the admin's password has been compromised. So I am pretty sure that this code was created within the folder "z" where the wiki is located.

I have joomla but that was disabled before the hacking started.

Prior to November of 2014 I have had no problems at all.

If I can only find where those text links are located.

I found the subfolder that the hacker created and that was deleted. I thought that took care of the problem but obviously it still persists. Whenever, a new page is created the "cloaked" or "invisible" text links are immediately embedded into the wiki page. Can't see it in the source of the wiki page. Only when you test that page with the http://isithacked.com/ toll can you see it.