This all looks very suspicious.
I think you may have had your server compromised, if I had to speculate.
Obviously we can't be sure, but there's a few things that don't quite add up here.
First step to return to normality...
Download version 1.1.3 of XenForo (full not upgrade) and re-upload all of the files.
That will hopefully replace any files that have been tampered with.
There's every chance that the files will get tampered with again, though, so even the above steps may fix the site, it won't necessarily mean it won't happen again.