No announcement yet.

Do I have a possible "footer" hack?

  • Filter
  • Time
  • Show
Clear All
new posts

  • Do I have a possible "footer" hack?

    I been running fine for years with always the latest licensed versions of Vbulletin and VBadvance with no problems.

    Until the other day, I had some SQL database errors, but I was able to repair the database, but then I notice that when viewing the main page (the cmps_index) one, I get a timeout message, and looking at the source in my IE browser, I noticed this:

    <!-- vBadvanced 4-8-6-6-6 -->
    <a href="hxxp://"></a>
    <a href="hxxp://"></a>
    <a href="hxxp://"></a>
    <a href="hxxp://"></a>
    <a href="hxxp://"></a>
    NOTE: I changed the above normal "http://" to hxxp://" as it seems those sites are not so good sites!

    It only appears on my VBA front page, all the other bulletin forum pages are normal, site runs fine, no other issues.

    I try to do a google search on my findings, and I only get a few weird different lang. sites talking about it, no english site, and they all reference that this comes with the non-legit VBSEO "nulled" scripts.

    But I am only using VBA and Vbulletin and both of those products are legit, and I never installed any "nulled" scripts, and don't even know what they are.

    Any help in solving this, or finding out how to rid it completely would be helpful, as editing the .php or replacing it, just brings in back again, so it must be linked somewhere on my server some-how.
widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.