Man I need some help y'all.
Google removed the "this is a malware" message and it was fine for a few days. Next, the google message came back, and the code was found in the header. I removed it, set the permissions to read only on that file. Google rescanned... released the error.... a day later.....
AGAIN. Now it's being injected in the header at runtime it seems.
I've checked every file in the theme for anything that could be calling the script for inclusion. NOTHING. I'm totally stumped.
I've got a screen cap of the code that is included in the header (not physically written in the header.php file though..)
I'm totally stumped. A friend of mine went to the site and said that Kaspersky AV stated that there was a virus on the site... " Huer:trojan.script.iframer "
I could use some help here. I'm up against a wall. If you check the site on firefox, you may not get the google error. Chrome will show it though.
Anyone run into this?