64.gif

Search (advanced search)
Use this Search form before posting, asking or make a new thread.
Tips: Use Quotation mark to search words (eg. "How To Make Money Online")

09-29-2013, 12:19 PM
Post: #11
RE:
(09-29-2013 11:41 AM)Metalpriest Wrote:  
(09-29-2013 04:56 AM)nyman7788 Wrote:  
(09-29-2013 03:43 AM)Metalpriest Wrote:  Masagana theme was downloaded from http://www.paddsolutions.com/wordpress-theme-masagana/
It has 3 viruses in it. Then I found it on randon websites, but it had atleast one virus.

Thanks a lot nymann! More +rep for you!
here is masagana i think this one is very clean download here and let me know http://www68.zippyshare.com/v/80258556/file.html
Infected!! Here is report
http://virusscan.jotti.org/en/scanresult...dd62799ebb
Virustotal also shows 4 infected!
It is hard to get clean copy for it! Sad

VT https://www.virustotal.com/en/file/0280c.../analysis/
Infected!
maybe because its old thats why. how you going to get a clean one if the original source gives infected file
09-29-2013, 05:18 PM
Post: #12
RE:
Exactly...thats what I was saying. All originals are infected..
[Image: 728x90-1.jpg]
09-29-2013, 05:46 PM
Post: #13
RE:
(09-29-2013 11:41 AM)Metalpriest Wrote:  
(09-29-2013 04:56 AM)nyman7788 Wrote:  
(09-29-2013 03:43 AM)Metalpriest Wrote:  Masagana theme was downloaded from http://www.paddsolutions.com/wordpress-theme-masagana/
It has 3 viruses in it. Then I found it on randon websites, but it had atleast one virus.

Thanks a lot nymann! More +rep for you!
here is masagana i think this one is very clean download here and let me know http://www68.zippyshare.com/v/80258556/file.html
Infected!! Here is report
http://virusscan.jotti.org/en/scanresult...dd62799ebb
Virustotal also shows 4 infected!
It is hard to get clean copy for it! Sad

VT https://www.virustotal.com/en/file/0280c.../analysis/
Infected!
PHP Code:
<div class="clearer"></div>        </div>    </div>    <div id="footer">        <div id="footer-wrapper">            <p>                Copyright © <?php echo date('Y'); ?> <span class="url fn org"><?php bloginfo('name'); ?></span>.<br />                <a href="http://www.paddsolutions.com/wordpress-theme-masagana/" title="Padd IT Solutions">Masagana WP Theme</a> is designed by <a href="http://www.mobilx.dk" title="Mobil X" >Mobil X</a>.<br />                In collaboration with <a href="http://find-greatdeals.com/freeringtones/" title="Cell Phone Ringtones">Cell Phone Ringtones</a>, <a href="http://www.cheap-car-insurance-tips.com" title="Car Insurance">Car Insurance</a>, and <a href="http://www.archicentral.com/addresses/s-pennsylvania-c-philadelphia-b-architects.php" title="Philadelphia Architects">Philadelphia Architects</a>.            </p>            </div>    </div></div></body></html> 

This is the code of footer.php, replace it and scan again.
09-29-2013, 05:52 PM
Post: #14
RE:
U can decode the "eval gzinflate base64_decode" PHP code by the link:
http://www.tareeinternet.com/scripts/decrypt.php
10-01-2013, 10:21 PM
Post: #15
RE:
Update Mirror:
http://www.mirrorupload.net/file/15YLRTW...etheme.rar
8.gif




34.gif