In need of some urgent help. Our site (schoolmenu.com) seems to have been compromised by a virus or malware that is displaying an overlay ad over the website for viagra.
Here are a couple of screenshots.
This is a national website with parents, kids and schools from all over the country visiting, and we have been bombarded with call since early this morning.
I ran the site through all the online virus scan services (like virustotal.com and others) and they come up with nothing.
I have quickly put the site into rescue mode (on rackspace) so to try to mitigate the issue while we look into it but both our developers have looked in the code and said they found nothing.
Something is causing this.
The hosting support said to look into this: http://blog.aw-snap.info/2011/02/pharmacy-hack.html
(but this does not look like it is the same issue as our site is custom code and not joomla or wordpress)
I have put the main domain on a temp page but the site can be accessed here: http://18.104.22.168/
Please advise. not sure what else to do at this point.