Hi,
I solved the problem. I found the malicious code in xcalendar.php which was installed as a plugin.
Anyone who has something like that:
/*
Plugin Name: SEO Adviser
Plugin URI: seoadviser .com
Description: SEO Adviser
Version: 1.2
Author: Phil Smitter
Author URI: seoadviser[dot]com
License: GPLv2 or later
*/
please get rid of it as soon as possible. It causes invisible pages to be inserted into your WP database. Pages usually relate to some dirty stuff, that you would not normally write about ??
Greg
