Hi , i have read several posts here about hacked websites and i have followed every stedp and i still get this problem. Let me explain.
1.- I have all my websites redirected from http://xyz.com to http://www.xyz.com
2.- One day i wrote in the navigation bar the http://xyz.com and got a message about the header output etc etc
3.- I went to google webmaster tools and i found there a code that was marked as suspicious by google its an IFRAME
4.- I first found it in my INDEX.PHP file and deleted it,
5.- It appeared again in about an hour.
6.- I deleted all my SQL databases and RAN Karspersky in my MAC and it found some trojans, which were deleted by the antivirus.
7.- Then I Changed my CPANEL password to something super strong, downloaded a new version of WordPress its the latest its 3.1.2
8.- Scaned with karspersky the donwloaded file and then uploaded it to my Cpanel.
9.- Created super strong USER and PASSWORD and new SQL with STRONG password and applied SECRET KEYS generated with wordpress key generator.
10.- And forgor to tell you that the CONFIG.PHP and CRON.PHP in this NEW wordpress version have NO php closing tags at the end of the file, so I ADDED THEM to the files.
So, anybody could think its done? NO, in about 2 hours the IFRAME came again!
My hosting is at HOSTICAN and they say, i need to ask for help in wordpress forums because they GIVE NO HELP with that.
Any idea? I have everything new