This one is affecting me as well.
Another Plugin or Theme is using ‘ZM5j2q0shf_callback’ to handle output buffers. This prevents actively outputing the buffer on-the-fly and will severely degrade the performance of this (and many other) Plugins. Consider disabling caching and compression plugins (at least during the scanning process).
I thought I had cleaned the site out a few weeks back, things have been great… recently though I found the site to be sluggish and noticed new code injection and EVAL’s back on some html files etc… I’ve run through scans, done some cleaning… but I’m still seeing the message above. I’ve been unable to locate the malicious code… Any tips on where/how I would be able to locate/narrow down the location?