Virus in CSS?
I guess I've never thought about this, but...
Can CSS contain any executable code, as in an injected virus?
I'm trying to help a company that is utterly riddled with it in WP. I'm proposing a rebuild rather than a cleanse but just want to cover this base.
CSS is a browser side language there for the only way you would be able to execute harmful code in it would be to re-name the file to something like .exe or .php, If the CSS files you are looking at have been altered then it's due to poor server security or not keeping WordPress up to date.
The closest you can get to a virus in CSS is IE's expressions. Though, they are being phased out.
Was it a Pharma-hack by chance? I've had some experience cleaning those up. It's no fun.