malicious code warning in url visited

I just downloaded your business theme, uploaded it into my server, activated it using "test drive" plugin, then it wound up giving the death of white pages on my site. I had to totally, thank goodness I made backups, reload my files and database. I then only turned on buddypress all worked fine with your community theme, the theme I had been playing with--this is another domain, not the one in that support forum, this domain is not announced to the public yet. I then carefully went through, all worked well, then I uploaded your business theme and child theme, when I clicked on preview mode, since I had turned off all plugins including test drive, I get a serious warning, see image it also took my browser to and the home page automatically. You can see the IP redirect that launched right when I clicked activate for your theme.

Now I'm on an Apple machine, so hopefully there are no problems because the warning was for Windows, but it did redirect and try to launch someething before I closed it out. See attached screen capture. Just want to let you know, I think those files have a problem. Thanks, rg.

  • rolandogomez

    Yes, the buddypress business feature. All I can tell you, it's a fresh website, nothing but one user and a bunch of plugins. At first I thought it was "test drive" plugin, as I had tried to use it once I uploaded your files, but turned to find out, after I deactived all the plugins, wiped my database clean, reinstalled WP3.0, reloaded the database backup, then only turned on buddy press, no other plugin-n. All worked fine with default plugin and the community theme I reloaded. Checked all the links, all good, then I immediately uploaded the business feature theme for BP/WP3.0, went to the appearance menu, then themes, then hit preview on the child theme for business feature, then in preview mode, clicked on a couple of links, then it all started from there on it's own. So I quickly grabbed screen capture and closed the windows out. I went to the site, all white pages, so I deleted the theme, all went back to normal.

    Just FYI. Was just playing with this domain and your themes while I await answers over on the community theme forum for my live site :wink: I'm on a Mac machine and haven't had a virus in over ten years using Macs. :wink: Thanks, rg.

  • Tammie

    @rolandogomez: What test drive plugin are you using and is it compatible with wordpress 3.0? We do have a reference to it's just an author url and there should be nothing malicious at all in relation to that. This is literally the only reference:

    Theme Name: Business Feature
    Theme Date: 12/07/10
    Version: 1.3
    Theme URI:
    Description: BuddyPress feature makes your content take center stage with many ways to display and a high impact colour scheme
    Author: Tammie Lister at Logical Binary (Incsub)
    Author URI:
    WPD ID: 146

    I just did an entire code search on those files and this is all I found as you can see it's not malicious. I am also on a mac.

  • rolandogomez

    I found this on your site here, don't remember the if I got it from there, but I found it while searching on this site. It works just fine on my, have tested at leat six themes and even spent hours with it last night converting to your community theme, did all the customizing in it just fine. On the other site, I just activated it to test from your community theme to your business features theme and that's when it went nuts. I hope that helps. Now if I can just get someone to answer my questions in the community theme support forum, I'd be might happy :wink: Thanks, rg.

  • Tammie

    @rolandogomez: Well currently all I can think happened was you clicked the theme by author link and that took you to that site and there is an issue up there with a hack (upside thank you for bringing that to my attention). Until I can analyse more I've taken lb offline as that solves anyone going there. I hope you understand I had to look at the issue with regards to your claim of malicious code above a theme issue but I will look now.

    EDIT: It was this fairly sure you just linked to the author url and the site you went to had the issue not the theme or anything relating to this. My apologies you experienced this however almost certain now this was the issue.

    I will be changing the name of the post you made here as feel it needs explanation so hope that is ok.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.