I’m a bit pissed because in the end it wasn’t as big a deal as I thought it was.
Somehow there were these I-frames on a few of the internal pages to this odmarco site that was distributing malware.
Not sure how I got it… I thought it was the old wordpress installs, that’s what Dreamhost was telling me … but in the end, they were mainly old index files from camtasia files and one php index file that was not WP related.
Anyway … hopefully the malware alerts will stop soon, not sure how long google takes to review these things, but hopefully not to long.