Did anyone ever figure out how to clean this mess up? I’ve got the same thing. There’s a file called wp-manager.php. It was placed in the contents directory. From what I can tell it was a fairly advanced hacking tool designed to go through your entire site and identify index files etc. There was also a javascript cache file and another file. I deleted all of these and still I have a cache subdirectory which keeps filling with spam and spam appears on a hidden layer on all my posts and pages. The problem went away briefly when I updated to 2.8 but now is back same as ever.
Google has threatened to delist me. What can I do?
