My site http://www.proteam-sport.com, was working fine until recently when it suddenly started to go wrong about 2 weeks ago. This happens just on the homepage of the site in IE 7 & 8, where the site layout and the main page background image are all messed up, but if you go to any other page (all pages use the same CSS files etc), the layout and background image are fine.
So I looked at the rendered source code and noticed that at the top of the index.php page (in ALL browsers) was this following code (actually placed before the initial DOCTYPE & HTML tags:
I then searched through every file making up the site (using my local development version) and couldn't find any matches at all, then eventually after doing a backup from the live version, I found the above code in the index.php file in the controllers folder.
Should that code be there? It doesn't appear on the same file in any earlier versions before the site got corrupted (I have checked my SVN repository going back the last 8 revisions), and since it has appeared, both AVG and Avast anti virus report a virus if a user goes to the sites index page and block the user from continuing, but the same AV programs don't report any issues if they go to a page that does NOT contain that block of code (i.e. the catalog page or a product page).
So is this code malicious? should it be there or am I worrying about nothing? Also can anyone shed any light on why in IE 7 & 8, my homepage is all messed up but any other page (same images, same CSS files) are all fine.
Any info provided will be greatly appreciated.