Can you see a PHP stub at the bottom of your index.php file that might be inserting this? Are you running any plug-ins that could be doing it?
Hey
Can’t find a php stub in index.php!
I’m going to switch off all the plugins and see what happens.
Do you think upgrading the WP installation would clear it?
No Good with the plugins either. I’ve searched comment and users as well… Where the hell is this thing hiding??
Very likely this came in on a plugin or template from a questionable source. A plugin could write an executable to wp-content if that dir is write enabled the first time it activated, so it wouldn’t matter if you turned it off later. So it is time to think about what you brought in, and take a close look at that code.
Also, take a look in wp-content, and check for stuff that shouldn’t be there. if you still have your download of WordPress, check the templates in your default theme to see if the time stamps match on anything you have not modified yourself.
I know, painful. Best of luck, I hope you find it.
Well you could search the content of all files for that string (or a part of it). This should lead you in the right direction.
FOUND IT!
It was in index.php after all..
and the string pointed to wp-blog-header.php where the code was duplicated…
Thanks guys, much appreciated…