OK, I'm pretty sure my site got hacked. And I need to figure out how code is being injected into the site... Its adding CSS, favicons, and HTML while modifying the <body> tag of the site. I'm attempting to figure out what file is injecting this (into EVERY page) by using this: Code: grep -e "i.i.com.com" -f /var/www/vhosts/pittnews.com/httpdocs/ This doesn't entirely seem to be working (its just sitting there basically), is this the correct line of code? On a side note, I just did a google search and see that URL used in a lot of images, but I know I didn't put it in there... Which means its being injected somehow because my index.php file for my theme doesn't include it. Plus, it screws up the look of the site (just proving I didn't do it).