The script below has been appended dynamically to my markup. Anybody understand how I'm able to eliminate it?

<iframe width="1" height="1" frameborder="0" src="">

Here's my record:

  1. Speak to your host company, make certain they aren't going through security problems.
  2. Support all of your site's files. Support your DB.
  3. Download latest Wordpress version, then upload it for your site and upgrade the database by opening your admin area.
  4. Open all of your site's code in certain text editor (TextMate )), and perform a site-wide look for eval(base64_decode calls - a lot of recent attacks added this function call. Most most likely, it will likely be inside your site's index.php or perhaps your theme's functions.php or index.php files. Remove strange base64_decode calls.

  5. Make certain your plug ins are current.

Best of luck...