I've recently noticed that someone has uploaded a virus - JS/Downloader Agent to a number of my WP 2.51 web sites.
Whoever the attacker is uploads it to wp-blog-header.php.
The file is originally 2KB. The new file is 3KB.
I have already contacted my webhost (Servage) and installed a fresh copy of WordPress.
Read/Write permissions are set to 755 on the root folders.
No one has my passwords, but I've just changed them, just in case.
I have wp-ban installed, as well as wp-blockadmin and the Login Error Cleaner plugin.
All plugins are up to date.
What I'm trying to figure out is how to prevent it from happening again.