I updated to the latest version of WordPress a couple days ago and almost immediately afterwards I noticed my server got really sluggish. I thought at first that it was my host, Go Daddy, but today I noticed when I was trying to access my dashboard it said something like cloud.net as the address it was trying to go to.
My site is http://stacyjuba.com/blog/
I ran a Sucuri scan and a bunch of pages have malware in the URL. It also indicated that this was the problem:
Details:
http://sucuri.net/malware/entry/MW:SPAM:SEO
<script type='text/javascript'>if(document.getElementById('hideMe') != null){document.getElementById('hideMe').style.visibility = 'hidden';document.getElementById('hideMe').style.display = 'none';}</script><div id="page">I found the script once in my source code but then after I removed that section, my page design got split up and messed up so I pasted the script back where I found it and now it looks okay again. Also even when the script was removed, I did the scan again and I still got the same list of infected pages and the above message.
How do I get rid of the script and what else should I look for? I did a scan for suspicious files and it didn't find anything overly conclusive - a few files to check but one was from a plug in I put in today. (Evergreen Post Twitter) The sluggishness server problems started before I added that plug in.
I know I need to change passwords and secret keys once problem is fixed but any other advice on how to get rid of it would be appreciated. I don't see any other users on my site.