I have this php file i noticed today embedded in my footer, its in an "iframe" i've looked in config, the global footer.php file but no reference to it is there, I then tried looking in nuke_pages but am unfamiliar with the phpmyadmin on my server..

Worst thing about it is its some "pornopervoi" site, and recently i've been picking up an infected html file off my site, i'm wondering if the 2 are linked.

I'm running Nuke 7.6 straight out the box I haven't done anything to it.

__________________
<a href="http://www.eow-clan.co.uk" target="_blank"><img src="http://img410.imageshack.us/img410/6644/sig5di9.jpg" border="0" alt="Devastator" </a>

I REALLY need help with this guys I just picked up another trojan.. one of you must know how to use SQL better than I do or shall I just reinstall the whole thing?

__________________
<a href="http://www.eow-clan.co.uk" target="_blank"><img src="http://img410.imageshack.us/img410/6644/sig5di9.jpg" border="0" alt="Devastator" </a>

1 Have you tried to look in footer.php file if there is that iframe code in there.
2 Log in admin and preferences scroll down and there are three footer boxes see if you got that iframe code in there if so delete the code and I recommend that you change your admin user name and password as soon as possible than find the iframe code as as soon as you take it out the bot will put back.

3 Look in index.php file in your root and normally its found at bottom or top.

__________________
Govindji Patel
http://www.thenicheonline.com/learn2earn
http://gbpcentral.com