I recently bought the Zonealarm security suite and today it earned its keep.

I use WordPress for this blog. There is a new version out so in preparation for an upgrade I download the whole of the website as a precaution. Zonealarm decreed that up.php was a back door virus.  Backdoor.PHP.c99shell.ag.  No information was available on the net. The date stamp on the file on the server was sometime in June, so it has been sitting there for a while.

The file has been deleted from the server, and passwords have been changed.