Hi
I had the 45563131x.jpg picture inserted in my Path to custom header include in the config tab (logged in as administrator). That picture is not a picture but a script (just url it in IE) which is uploaded to the userpics map. Remove the include header setting and delete the file, the problem of the counter applet etc. and the ccfelomvhk.com thing are gone. I have some probably youngsters logging in to my gallery as registered users and changing these settings. I am curious how they inserted the code on the config tab. U might want to restore to default settings if anything else has changed and reconfigure.
The only way i saee to avoid this is to aks wordpress to rewrite security settings or to only use validated users or email confirmation (I didnt do both).
