Are you hosted at Network Solutions? Found these...
That URL redirects to coripastares .com which in turn seems to use a
browser exploit to serve malware. You will need to remove that before
you submit a reconsideration request and make sure that all of your
pages are checked and cleaned for the same kind of issue. If you
Google for "x-traff .info" and "coripastares .com" (both without the
spaces I put in there to make sure you don't click on the links :-))
you will find other webmasters who have run into similar things on
In general, this appears to have been left by someone who has gained
access to your site and/or server. You will probably want to follow up
on that and try to assess how they managed to gain access so that you
can fix the issue. http://groups.google.com/...ead/48967466d1469c55
(1) The hack is an <iframe> exploit that is currently affecting Network Solutions' UNIX servers ONLY. If you are using a Windows Server package, it's not a problem.
The hack is simple: somehow the hacker exploits a vulnerability in YaBB 2.1 to put <iframe> redirect links in the bottom of each Index page, throughout your site. That means, not just YaBB's indexes, but also any other index.php or index.html file anywhere in your FTP server.
The symptoms are these: the redirect points the browser to x-traffic.info, a spammer's site, which then redirects to coripastares.com, another spammer's site. It then loads a Java exploit which most virus scanners should have no problems with. However, somehow this exploit causes Firefox browsers on PCs only to type backwards. Every word becomes sdarwkcab, you follow me?
The solution in both cases for users is to clear the Java console memory. Not the Temporary Internet Files, but the JAVE CONSOLE files. This is accomplished in various ways, but basically just go to the Java engine's specific menu and find the clear cache button. http://forum.joomla.org/...p?f=267&t=270479