ross88guy

Yup, the malicious code was in my Functions.php file but it was hidden in lots of what looked like gobbledygook to me and not plain html or php.

Not wanting to mess around with the editor I simply reinstalled the latest version of my theme template which seemed to fix the problem…for now. Can someone check my site to make sure there are no malicious links at the top of the articles any more:

https://www.runtheline.com

Other steps that I have taken are changing my passwords, deleting unused user accounts, deleting all non essential plugins and making sure that everything is the latest version.

I have been reading that a hacker might leave some back doors. Any idea how I can check for back doors?

see the post by Vee here:

https://www.arrastheme.com/forums/topic6815-consolidated-arras-php-error-with-wordpress-32.html

My error was on line 404 and this fix solved it a treat.

My Blog – https://www.runtheline.com

Thanks for the tip, works like a charm!