This is post is now quite old and the the information it contains may be out of date or innacurate.
Well known is how Loaded Commerce/CRELoaded protect their google banners they wack on all opensource versions of their code.
Once you have removed the footer in the current version though, it checks the output buffer and you will find it after the closing html tag of your page.
The function that does this is cre_uregisterBasicFunctions(); and if you remove the call to it from application_bottom.php, bye bye ads!
Scarily, if a hacker got control of www.loadedcommerce.com, php code could actually be inserted into EVERY Loaded Commerce installation that doesn’t remove this.