By 2.2 installation was being hacked into and spam hidden links dumped into index.php. I didn;t notice until google decided to ban me (they have now reincled my site). But even though i've updated to 2.3.3 it keeps happening.
I have disabled all plugins.
I have chmod'd wp-includes as recommended
Any ideas what else i can do - has anyone seen this before and can advise please