My server was also hacked. Sounds very similar to the Danish1977 post
http://www.php-fusion.co.uk/forum/vie...post_77801 except that the message started "this server has been hacked by Silahsiz Kuvvetler The Turkish hacker"
Again involved overriding index.php, including the one on server pointing to phpMyAdmin which did make restoring a bit difficult. All is well (I hope) now except for one annoying problem. I can't get rid of the hacked index files inside individual photoalbum albums, even though albums appear to display properly. I get fatal error messages whenever I try to change permissions or edit or delete index.php files. Permission chain is index.php 644, album_n 755, photoalbum 777. When I upgraded to 6.04.4 I had a lot of issues with photo album so was a mix of the auto upgrade and manually adding missing files. Any hints where to go next.
Thanks
John