I am really hoping someone with experience in this can help me.
I have got the iframeF-MalF malware on my blog and i can't log in to the back end at all (if you log in - after logging in the screen goes white/blank and just stays that way - forevermore!!).
After doing lots of research on the internet I downloaded the entire site to my computer and using notepad (a nonexecutable program) found the following code eval(base64_decode("aWYoZnVuY3Rpb25fZXhpc3RzKCd - blah, blah goes for 25 lines............ inserted into the top of many pages - including all themes especially.
As you can image in have also made sure there is no local infection on my computer (have used programs like malwarebytes, a-squared emsi, ad-aware, spybot, zemana anti-logger - you name it!!)
I could not find the iframe malware even though I did do a "find/search" to locate them (all iframes were legitimate).
Before I got completely shut out of the back end I found someone had hacked in and set themselves up as a user with admin rights (which i deleted).
I have downloaded the log files from my ftp and i have NOT been hacked via FTP.
So I have since cleaned through EVERY SINGLE FILE - gotten rid of the eval(base64 stuff from EVERY PAGE... then I re-uploaded the entire site last night but two of my anti-mal programs STILL give me the error message that I have got the iframe malware on there and I STILL CANT LOG INTO THE BACK END.
Any experienced advice would be graciously received right now.
Many Thanks Gaylea