I run a WordPress site that is currently suffering from a malware infection.
Sucuri Sitecheck tells me it is a Blackhole exploit. The only browser that the malware seems to display in is IE.
The problem is a php injection into all the index.php files of my site. Both in the base folder of wordpress and the themes folder. When I delete the php string from both those files and rescan with Sucuri it tells me my site is clean, so those seem to be the only affected files.
After that the site will be fine for about 12-24hrs, then the files become reinfected.
I have changed my FTP and WordPress passwords and reset the secret keys.
I have also seen the links that are commonly provided when it comes to this issue, that tell you to do complete reinstalls of wordpress/all your plugins/etc. At this moment I do not have time for that and am hoping someone can provide me another way of figuring out the source of this issue. Thank you.