Malware detected on website, need to remove
After which there is a large section which doesnt make any sense. The main thing is actually finding exactly where they've inserted the function, as its not just inserted simply on index.php. If someone very trusted is willing to help me out, I can discuss more in private.
<!-- Google analitics BEGIN -->
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");