For about a year, my site has had the following files injected into the file system:
Currently, I have the following plugins activated:
- Better WP Security
- WP Remote
In the past, I have also had the following plugins activated:
- AddThis Social Bookmarking Widget
- Block Bad Queries (BBQ)
- Broken Link Checker
When I have discovered a hack, I have overwritten the remote site's files with a newly unzipped copy of the current WP version files.
I recently updated to WP 3.8, and Better WP Security's file change warning just warned me that today the same files are back.
Any ideas on how to stop this happening?