The host at this IP address is infected with the CryptPHP PHP malware.


Mostly CryptPHP PHP malware is made in image and can be in name of  social.png  in Any Directory of the server. CryptoPHP is a threat that uses backdoored Joomla, WordPress andn Drupal themes and plug-ins to compromise webservers on a large scale.
This infection almost certainly means that the infected web site has used pirated plugins from the, sites or some other site that specializes in providing "nulled" (pirated) software. Fox-IT's research has shown that every pirated theme or plug-in on these two sites has been infested with the cryptophp malware.

Just Run This Command In PuTTY:-
find /home/*/public_html -type f -name social.png -exec file {} \; | grep -v interlaced

And you will se the result like this
/home/----------/public_html/wp-content/themes/bresponzive/images/social.png: PHP script text
/home/---------/public_html/ PHP script text
/home/---------/public_html/ PHP script text

It is Already Showing that this images is a PHP Script so remove all of them from the server.

 I hope It Helps.... :)

Was this answer helpful?

 Print this Article

Also Read

Mysql has failed, please contact the sysadmin

You Must be getting this error wile starting SQL from WHM (Mysql has failed, please contact the...

11 Ways to Free Up Disk Space on a cPanel Server

I’m sure that most of you have been to the point where one or more of your servers start to fill...

After Changing IP displayes default cpanel page

HelloWhen you change ip of website in whm/cpanel it start shows default cpanel page it shows...

How to Find Spammers on cPanel/WHM

cPanel SpammersIf you deliver shared hosting services on cPanel, you likely deal with spam. As...

Site Speed Slow On New Server

Hello People always complain that there website is slow its happen because of less limits... To...