Webair and Tube Ace People - Inside Plz

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • CPimp
    Confirmed User
    • Aug 2009
    • 2346

    #1

    Webair and Tube Ace People - Inside Plz

    Have any of you who have purchased Tube Ace, tried to install the script on webair, to get an email saying one fo your files has a virus in it? The file in question is the following

    /yourdomain/admin/select_default_thumb.php

    Webair's FTP antivirus thing removed the string of over 200 lines of characters following the end of the zend code in the file, but a lot of the other files have it too, the ones I looked at, anywyas,

    These are files that were sent to me by the person who purchased 2 scripts, and he never unzipped the folders.

    I had him look at them today and the files are the same as what I got.

    Any ideas?
    three 997 three 55 three 1 ← That's my ICQ. Contact me there. Thanks.
  • WebairGerard
    Confirmed User
    • Sep 2005
    • 8113

    #2
    It could be a false positive. Please feel free to contact us to help you further with this. Thanks.

    Comment

    • CPimp
      Confirmed User
      • Aug 2009
      • 2346

      #3
      Originally posted by WebairGerard
      It could be a false positive. Please feel free to contact us to help you further with this. Thanks.
      I am on support with Hristo right now, and been for the last 30 minutes over this.

      Last night the owner of the account I am working on got an email saying I uploaded a file with a virus onto the server, and that it has been removed and my ftp password changed.

      Here's a copy, with identifying details removed:

      Dear Client,
      >
      > On Thursday April 1st 01:43:42 AM we detected that a file that was
      > uploaded to your account via FTP contained a virus. To help protect your
      > account our system automatically cleaned the infected file and reset the
      > password of the FTP account. Please see details of this incident below:
      >
      > DATE: Thursday April 1st 01:43:42 AM:
      > FTP Username: <removed>
      > NEW FTP Password: <removed> (Please Note: The password has been changed to
      > prevent any future virus uploads).
      > IP ADDRESS: <removed>
      > INFECTED FILE:
      > /usr/www/virtual/<removed>/www.<removed>.com/admin/select_default_thumb.php
      three 997 three 55 three 1 ← That's my ICQ. Contact me there. Thanks.

      Comment

      Working...