A clients website has been and I'm trying to figure out how this could have happened.
Any ideas how HTML/framer could have been placed on the server and how to remove it? I've found lots of threads on how to remove it from a personal computer but nothing for a web server.
Anyone have any ideas?
EDIT: I know the problem exists in the index.php file because when I download the it and try to open it I get access denied and my avg alerts me of HTML/framer. I've tried deleting index.php off the server and replacing it with a backup copy but this doesn't seem to solve the problem.
Also, I've noticed a website being called when loading the index page (icq-mobila.ru) Seems whoever this hacker is, he's Russian.