If the xenforo files check out as 100% ok, then at least no code injection was done causing an adlink to be inserted. For themehouse you'd have to ask them I assume.
You could do a CLI for linux to go through all the dirs recursively and find the files containing viglink in it. If it's a theme .xml or plugin .xml that's also on the server you might catch it too.
You could search within phrases for "viglink" and see if it comes up
And of course search within templates for "viglink" and see if it comes up.
Maybe go through the admin > options > and see if there's any plugin that has a setting for including viglink perhaps?
Maybe the users browsing the site have malware installed or infected, or some addon for their browser that changes keywords on the sites or links on the site with viglink content. Changing browser for the same content might give it away.
Finally, if you right click on the element where it happens and click inspect, you can trace back what the code is, where it's being called from (like yourserver.com/js/something.js/ or whatever) and maybe that will disclose how it gets on your site.
