Webair and Tube Ace People - Inside Plz

[CPimp]

Have any of you who have purchased Tube Ace, tried to install the script on webair, to get an email saying one fo your files has a virus in it? The file in question is the following

/yourdomain/admin/select_default_thumb.php

Webair's FTP antivirus thing removed the string of over 200 lines of characters following the end of the zend code in the file, but a lot of the other files have it too, the ones I looked at, anywyas,

These are files that were sent to me by the person who purchased 2 scripts, and he never unzipped the folders.

I had him look at them today and the files are the same as what I got.

Any ideas?

[WebairGerard]

It could be a false positive. Please feel free to contact us to help you further with this. Thanks.

[CPimp]

Quote:

Originally Posted by WebairGerard

It could be a false positive. Please feel free to contact us to help you further with this. Thanks.

I am on support with Hristo right now, and been for the last 30 minutes over this.

Last night the owner of the account I am working on got an email saying I uploaded a file with a virus onto the server, and that it has been removed and my ftp password changed.

Here's a copy, with identifying details removed:

Dear Client,
>
> On Thursday April 1st 01:43:42 AM we detected that a file that was
> uploaded to your account via FTP contained a virus. To help protect your
> account our system automatically cleaned the infected file and reset the
> password of the FTP account. Please see details of this incident below:
>
> DATE: Thursday April 1st 01:43:42 AM:
> FTP Username: <removed>
> NEW FTP Password: <removed> (Please Note: The password has been changed to
> prevent any future virus uploads).
> IP ADDRESS: <removed>
> INFECTED FILE:
> /usr/www/virtual/<removed>/www.<removed>.com/admin/select_default_thumb.php