Andrew MitrohinMy hosting told me that my sites sending spam and disabled me. I use themes Argo and Simplex. They send out spam! Check!
./appdike.com/ld/index.php
./appdike.com/hyr/index.php
./appdike.com/irn/index.php
./appdike.com/knm/index.php
./appdike.com/yyy/index.php
./appdike.com/pf/index.php
./appdike.com/poi/index.php
./appdike.com/at/index.php
./appdike.com/pmd/index.php
./appdike.com/gyi/index.php
./appdike.com/zy/index.php
./appdike.com/ie/index.php
./appdike.com/qd/index.php
./appdike.com/kcd/index.php
./appdike.com/qda/index.php
./appdike.com/ixb/index.php
./appdike.com/og/index.php
./appdike.com/rsq/index.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/emsrnzub.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/ytnoopjhu.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/mqyzpzwer.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/pwaeglyg.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/rdwvkpzb.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/cjyzrsyo.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/sitedata.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/ssdqxpz.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/sbcnv.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/suly.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/bdixjxl.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/mrwkmr.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/sss.php
./appdike.com/wp-content/plugins/easy-digital-downloads/includes/libraries/googlechartlib/icons/chasi56.php
./85tolife.com/wp-content/themes/dw-simplex/oymlzk.php
./85tolife.com/wp-content/themes/dw-simplex/jaqs.php
./85tolife.com/wp-content/themes/dw-simplex/templates/homepage-4.php
./85tolife.com/wp-content/themes/dw-simplex/hiylcondx.php
./85tolife.com/wp-content/themes/dw-simplex/blocks/blog.php
./85tolife.com/wp-content/themes/dw-simplex/vatb.php
./85tolife.com/wp-content/themes/dw-simplex/kmlrx.php
./85tolife.com/wp-content/themes/dw-simplex/gqdtxr.php
./85tolife.com/wp-content/themes/dw-simplex/pqcfrnkny.php
./85tolife.com/wp-content/themes/dw-simplex/inutg.php
./85tolife.com/wp-content/themes/dw-simplex/anmpbg.php
./85tolife.com/wp-content/themes/dw-simplex/cwzmegsrj.php
./85tolife.com/wp-content/themes/dw-simplex/mhqy.php
./85tolife.com/wp-content/themes/dw-simplex/chasi56.php
DominicHi Andrew, Hope that you are well today. From the info you provided above, we checked and the problem didn’t come from our themes. Please contact your hosting provider to check again first so they can help you find the proper solution to stop this.
Hosting says that there is a vulnerability in the сode in the theme Simplex.
Andrew MitrohinWhy do I need an encrypted file maiink7.php???
mainik7.php
Host response:
If you no longer need a template dw-simplex, then recommend it to completely remove because it contains a lot of malicious scripts. Most likely it was with him and began infecting the rest of your site.
Also Argo template
Please login or Register to submit your answer
replied 10 years ago
Here he wrote hosting:
With your account with the domain being appdike.com delivery SPAM `a. Apparently site is
infected with viruses. In order to prevent mailings domain has been disabled.
Return-path:)
Received: from u253048 by team33.e-planet.ru with local (Exim 4.80.1)
(envelope-from
id 1WtS1F-002rXE-AA
for [email protected]; Sun, 08 Jun 2014 05:35:33 +0400
To: [email protected]
Subject: Fw: He he, Tanned dark haired grandma sucking till facial
X-PHP-Script: appdike.com/wp-content/themes/dw-argo/inc/gallery/css/dirs.php for 46.105.37.61, 46.105.37.61
X-PHP-Originating-Script: 825:dirs.php
From: “Jacklyn Cannon”
Reply-To:”Jacklyn Cannon”
X-Priority: 3 (Normal)
MIME-Version: 1.0
Content-Type: text/html; charset=”iso-8859-1″
Content-Transfer-Encoding: 8bit
Message-Id:
Sender: u253048
Date: Sun, 08 Jun 2014 05:35:33 +0400