Adwords says malware. Can't find anything

Hi,

I have a problem of cleaning one of my friends sites from malware “found” by google adwords, because I can’t detect the bad file/s, I want to ask you for helping me with this issue.

We get regularly an email by google adwords, that they have to stop a campaign, because of malicious content. So we took some steps to identify and remove it including

• moving the site to another server
• installing wordpress instead of just moving it
• installing of all needed plugins
• installing of new clean version of theme (but copied self-made modifications, after checking the files)
• copying images in wp-content/uploads to new server. Deleted everything, thats not an image or pdf from that folder
• searching database for iframes etc. then import it to the new site
• scanned it with wordfence, Anti-Malware Security and Brute-Force Firewall and LMD without any results except for some harmless “changes” in core files added by the german version
• Checking google webmaster tools (it says everything is safe)

After calling adwords, they have sent me an email with a link, which looks like malware by teaserguide look here or here (can i post the complete link which they have sent me here?).

As default_keyword there is a link to this site, but i can’t find anything about an iframe in the source code.

I have searched in all website files for “var a=”‘1Aqap” without any results. header.php, nav-menu.php and .htaccess don’t look weird.

Do you have some ideas, what else I can do to find the evil file/entry?