My sites been infected with some malware I believe is from "hostads.cn/"
I have upgraded the site and replaced all the files with the exception of most of the theme files. I have also installed the "Exploit Scanner" plug in which I have noticed has come up with a list of comments with iframes linking to these hostads.cn twats.
I have deleted all even remotely suspicious comments but the exploit scanner is still displaying them. Is this a caching issue or are the comments still somewhere in the database?
If I have cleared all the malicious code, when will Google remove the warnings from my site?