I need to find the source first, I am not even sure it is a WordPress that caused this. I did not found any file named timthumb.php. I also have joomlaa, drupal and wikis installed. Plus it appears my WPs were working fine.
Make it run as a cron job once solve this problem, it just recover if your backup procedure is to heavy.
Here is what I used to fix it, without restoring backups. Had over 2000 clients’s files infected. Use it at your own risks or advice your sysadmin to run it.
[Code moderated as per the Forum Rules. The maximum number of lines of code that you can post in these forums is ten lines. Please use the pastebin]
