Sorry it took so long to get back up - my backup had an error in it so it was bad.
I went to my ISP (they do daily backups) but the first one they had was the infected db.
They had to revert back to Sunday's backup - took 48 hrs to get it restored.
Anyway - it appears that we are being targeted by a hacker - they were not able to
get back to the hackers IP but have isolated it to a geographic location.
Appears it is someone with an axe to grind with IW - hope to catch the sucker.
I am working with SMF to see if we can block the injection point.
Once more, I am sorry for the inconvenience.
Anyone with any ideas - let me know.
Larry
Are they using a SMF back door? Depending on your ISP, you should have a way to black list an IP from within your website portal software, I had to do that a year or so ago but I don't use SMF, I write my own software so it is very generic and has no back doors script wise. SMF is far superior than my generic forum stuff and doesn't have all the cool bells and whistles.
I'd like to see these folks' butts hanging in the wind. What a despicable thing to do ... I just don't understand people any more I guess.
Good luck Larry.
I really hope you get this guy. BTW, what's up with CodingMonkey's now? I get an access denied message.