346181 Malware problem site

site has been affected with Malware warnign by Google and need to get handled asap this was the review from our host provider what they found when reviewing site after attack as follows The website "[login to view URL]" was infected with a malicious iframe code(IFrame Injection Attack). There are lot of files under your domain infected with iframe attack. The files are infected with the code: iframe src="[login to view URL]" width=120 height=189 style="visibility: hidden Since the access log of the domain is rotated, we are unable to find the exact source of his attack. It looks like the attacker used the vulnerability of either the php scripts(oScommerce and wordpress) or the weak permission of your files. I could see that you are using old version of oScommerce(public_html) and wordpress(public_html/blog) for your site. If you have any local backup of your account, please upload it in your root folder(/home/focugcom) so that we can restore your account from it. Once the account has been restored, please upgrade your oScommerce and wordpress to its latest stable version. We recommend the following in order stop such attacks in future: 1. Use strong password for your account FTP/Cpanel/mail. Please refer the URL [login to view URL] to generate strong password. Some secure password tips would be: # Don't use a dictionary word # Don't use part of the username # Keep the password at least 7 characters long # Have a combination of at least three of: - lowercase characters (a, b, c) - uppercase characters (A, B, C) - numbers (1, 2, 3) - non-alphanumeric characters (!, %, *, {, £, ) 2. Change your passwords periodically (say, at least once a month) 3. Keep your applications up-to-date. Always upgrade immediately when a new version is available. 4. Clean up files and directories on the web server. Make sure there is no old file with .bak or .txt extensions lying around 5. Ensure that appropriate file permissions are used for every file and directory on the web server(for files and folders if should be 644 and 755 respectively) and this was provided by google and twitter as warning with back links Uh oh! We found a bad apple on your Twitter profile. We detected a link in your profile (bio, URL or location) pointing to a phishing site or other harmful material that we identified as malware. We removed the link from your profile. Please be mindful of others in the Twitter community, and post only safe links on Twitter.com. Twitter Support Please do not reply to this message; it was sent from an unmonitored email address. This message is a service email related to your use of Twitter. For general inquiries or to request support with your Twitter account, please visit us at Twitter Support. This I received from twitter that the site containded malware and the [login to view URL] site has a error on home page can you look into it also I received this from Google can you tell me what malware is on site Dear site owner or webmaster of [login to view URL], We recently discovered that some of your pages can cause users to be infected with malicious software. We have begun showing a warning page to users who visit these pages by clicking a search result on Google.com. Below are some example URLs on your site which can cause users to be infected (space inserted to prevent accidental clicking in case your mail client auto-links URLs): [login to view URL] .com/[login to view URL] [login to view URL] .com/[login to view URL] [login to view URL] .com/[login to view URL] Here is a link to a sample warning page: [login to view URL] We strongly encourage you to investigate this immediately to protect your visitors. Although some sites intentionally distribute malicious software, in many cases the webmaster is unaware because: 1) the site was compromised 2) the site doesn't monitor for malicious user-contributed content 3) the site displays content from an ad network that has a malicious advertiser If your site was compromised, it's important to not only remove the malicious (and usually hidden) content from your pages, but to also identify and fix the vulnerability. We suggest contacting your hosting provider if you are unsure of how to proceed. StopBadware also has a resource page for securing compromised sites: [login to view URL] Once you've secured your site, you can request that the warning be removed by visiting [login to view URL] and requesting a review. If your site is no longer harmful to users, we will remove the warning.