So, we got this strange virus on one of our servers. It added a hidden iframe script to the bottom of every html page, only in the root directory of the server. The link was pointed to a music site that was hacked, sending to a counter.php script of some kind ( I couldn't get the code ). I figure that someone wanted to boost rankings so instead of buying rankings, or whatever they payed someone for BH SEO. I find this amusing, it's some kind of exploit maybe due to a poor password but. All the files had the exact same time stamp, which is why i think it was a bot. It reminded me of the really old Nimda virus. Anyone have any ideas?