I have found code base64 encoded before the closing body tag. I cannot find where its coming from. This looks real bad...
Can you share your site url?
Are you using Magento 22.214.171.124 version? or just patched an older version of Magento?
If you patched an older version of Magento do not forget to apply all the security patches released by Magento. Just applying the latest patch will not help you.
Go through the following step to fix your site.
2) Compare all your Magento core files with the default files of that version and check for any suspicious code. Do same for your theme files and custom modules. Restore the files if found affected from previous backups.
3) Remove all unnecessary files from the Magento root folder.
4) Disable the downloader access from the production site.
5) Make the admin url IP restricted.
6) Always use custom admin path do not use default admin.
7) Go to System > Configuration > General > Design HTML Head and check for suspicious code under miscellaneous scripts.
8) Change all the admin passwords with strong passwords. Also deactivate all the admin account which are not in use or were used by third parties in the past.
9) Change all FTP, cPanel passwords. Start using SFTP instead of FTP for future uses.
10) Keep your system password protected and keep antivirus updated.Your infected system may also help intruders to steal your information.
Finally follow Magento Security Best Practices
The url is http://www.shopgivereceive.com currently in maint mode.
I checked the new JS malware and its not it. That appears clean.
This site was a 1.7 site upgraded to 1.9 thence patched with all patches.
Finally forum allowed me back in. Password reset wont work with safari. Go figger.
Thanks very much for the list and prompt response.
I might be chasing a red herring. The offending code only shows up in web inspector in safari dev tool and not firebug or chrome tools and not in source view of all 3!.
Its been a good exercise cleansing the root folder of junk anyway. And Il lock down the other recommendations.