Fred Siver

Forum Replies Created

Viewing 1 post (of 1 total)
  • Author
    Posts
  • in reply to: Recurring Obfuscated PHP #1779

    Fred Siver
    Member

    Hello Eli,

     

    We have donated many times to you/your plug-in, and it had been a godsend. Your plugin has found every malicious file we have encountered thus far. With that said, we continue to have an infection with obfuscated php showing up in our wordpress files. We have found PHP Backdoors within our WordPress files (ex.: wp-config.php, wp-settings.php, etc.) which create PHP shell scripts in new PHP files, sometimes with plausible names (assumingly to prevent manual deletion) other times with random names; all files have either been infected PHP files, or newly, maliciously created PHP files. I was wondering if you had any idea as to why they continue to regenerate, even when your plug-in says we have repaired all PHP Backdoor files by removing the PHP Backdoor script(s), and deleted the PHP Shell files.

    This is a wide spread infection that has infected most of the websites I have in the same cPanel hosted as addon domains.

    Again I was wondering if you had any ideas as to why my websites continue to be reinfected and/or would be kind enough to look in to one of my websites in order to pinpoint the problem.

    Thanks,

    Fred Siver

Viewing 1 post (of 1 total)