I discoverd the source, and it was older versions of photopost that were installed on a variety of boxes, a remote file inclusion exploit with the zipndownload.php script. If you're running photopost 4.6 or earlier, delete that file. <img src="https://www.ubbcentral.com/boards/images/graemlins/tongue.gif" alt="" />
