Script Pulse
Trade Pulse => Trade Pulse Support => Topic started by: invisible on March 07, 2009, 09:20:48 AM
-
Just an hour ago I logged into one of my sites and was prompted to do an update. None of my other sites (they're all running V1.0.2 13) asked for the update.
I clicked it and the file that was updated was footer.php
Ok, so i go to surf my site, just checking trades etc, and get "google-search.ro is an attack site ..." in fire fox.
I checked in maxthon and chrome same thing
I want to repeat. I had surfed the site before the "update" and it was perfect, no attack site warning.
After looking around the server, scanning my pc, I found this at the bottom of one of my toplist templates
--- CODE REMOVED -- may cause false positives from anti-virus software
I deleted it, copied footer.php from one of my other sites and now its back to normal.
This is really messed up guys. Please take a look at this
-
Now I'm getting this fake update on a lot more sites
Fake update:
(http://img26.imageshack.us/img26/6194/fakeupdate.jpg)
Normal site
(http://img17.imageshack.us/img17/4900/normalp.jpg)
-
before we can check anything I need ftp data, please send me open ftp access (no ip-blocking) to info@scriptpulse.com ASAP so we can check this early in the AM since it's 4am here.
Also gimme url to some of your TP admins and username/pwd...also over email...
Waiting for email, cheers
-
Thanks ip0li. email sent