The host at this IP address is infected with the CryptPHP PHP malware.

Hello

Mostly CryptPHP PHP malware is made in image and can be in name of  social.png  in Any Directory of the server. CryptoPHP is a threat that uses backdoored Joomla, WordPress andn Drupal themes and plug-ins to compromise webservers on a large scale.
This infection almost certainly means that the infected web site has used pirated plugins from the nulledstylez.com, dailynulled.com sites or some other site that specializes in providing "nulled" (pirated) software. Fox-IT's research has shown that every pirated theme or plug-in on these two sites has been infested with the cryptophp malware.

Just Run This Command In PuTTY:-
find /home/*/public_html -type f -name social.png -exec file {} \; | grep -v interlaced

And you will se the result like this
/home/----------/public_html/wp-content/themes/bresponzive/images/social.png: PHP script text
/home/---------/public_html/sxosip.in/wp-content321/themes/sxosip/images/social.png: PHP script text
/home/---------/public_html/appbrain.in/wp-content/themes/bresponzive/images/social.png: PHP script text

It is Already Showing that this images is a PHP Script so remove all of them from the server.

 I hope It Helps.... :)
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Suspending Resellers

It is currently possible to suspend or unsuspend a reseller and all of owned accounts via the...

How to Find Spammers on cPanel/WHM

cPanel SpammersIf you deliver shared hosting services on cPanel, you likely deal with spam. As...

Mysql has failed, please contact the sysadmin

You Must be getting this error wile starting SQL from WHM (Mysql has failed, please contact the...

Site open throw ip shows 500 Interver Error

Some time we try to open your site throw ip example http://xxx.xxx.xxx.xxx/~xxxx/ and we get 500...

11 Ways to Free Up Disk Space on a cPanel Server

I’m sure that most of you have been to the point where one or more of your servers start to fill...