Site infected with PHP Script

  • Our web host, Bravenet, notified us that we have a possible PHP script issue on our site: https://www.dallashandknittersguild.com.

    I’ve seen several spam posts under a former admin’s profile. I delete them, but they keep coming back even after I changed the profile from “contributor” to “subscriber”. I’ve now deleted that profile altogether. But I think they’re related to the PHP scrip issue.

    Bravenet provided the following info:

    Threats found during site scan:

    /dallashandknittersguild.com/wp-content/plugins/wp-db-backup-made/system.php: PHP.Shell-38 FOUND
    /dallashandknittersguild.com/wp-content/plugins/wp-db-backup-made/w5304n.php: Trojan.PHP-43 FOUND
    /dallashandknittersguild.com/wp-content/plugins/wp-db-backup-made/lindex.php: Trojan.PHP-43 FOUND
    /dallashandknittersguild.com/wp-content/plugins/wp-db-backup-made/wp-conf.php: Trojan.PHP-43 FOUND
    /dallashandknittersguild.com/wp-content/plugins/wp-conf.php: Trojan.PHP-43 FOUND
    /dallashandknittersguild.com/wp-content/wp-conf.php: Trojan.PHP-43 FOUND
    /dallashandknittersguild.com/wp-conf.php: Trojan.PHP-43 FOUND

    I don’t know how to clean this up. Please help.

Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Site infected with PHP Script’ is closed to new replies.