2.9.2 SQL Injection?

Sounds familiar.

https://www.ads-software.com/support/topic/385477?replies=21

This reply is your best bet for a solution.

https://www.ads-software.com/support/topic/385477?replies=21#post-1469684

I looked at that, but my wp_options is not being modified as part of the process.

I have tried to delete and reinstall WordPress twice now and it is still being affected.

***.**.**.*** – – [08/Apr/2010:11:32:39 -0500] “GET /wp-admin/theme-editor.php HTTP/1.1” 200 32691 “https://www.SITEURL.com/wp-admin/themes.php” “Mozilla/5.0 (Windows; U; Windows NT 5.1; ar; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9”

This is what I have traced it to.