The host at this IP address is infected with the CryptPHP PHP malware.


Mostly CryptPHP PHP malware is made in image and can be in name of  social.png  in Any Directory of the server. CryptoPHP is a threat that uses backdoored Joomla, WordPress andn Drupal themes and plug-ins to compromise webservers on a large scale.
This infection almost certainly means that the infected web site has used pirated plugins from the, sites or some other site that specializes in providing "nulled" (pirated) software. Fox-IT's research has shown that every pirated theme or plug-in on these two sites has been infested with the cryptophp malware.

Just Run This Command In PuTTY:-
find /home/*/public_html -type f -name social.png -exec file {} \; | grep -v interlaced

And you will se the result like this
/home/----------/public_html/wp-content/themes/bresponzive/images/social.png: PHP script text
/home/---------/public_html/ PHP script text
/home/---------/public_html/ PHP script text

It is Already Showing that this images is a PHP Script so remove all of them from the server.

 I hope It Helps.... :)
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Site open throw ip shows 500 Interver Error

Some time we try to open your site throw ip example and we get 500...

Suspending Resellers

It is currently possible to suspend or unsuspend a reseller and all of owned accounts via the...

Mysql has failed, please contact the sysadmin

You Must be getting this error wile starting SQL from WHM (Mysql has failed, please contact the...

WHM/ CPanel Server Updates Fails

Sometime When you try to install Updates from (Home »Server Configuration »Update Preferences) it...

How to Find Spammers on cPanel/WHM

cPanel SpammersIf you deliver shared hosting services on cPanel, you likely deal with spam. As...