For anyone who has been hit by the Step57 cPanel exploit, this ones for you:
http://www.oscommerce.com/community/contributions,4457
I got slammed by this cPanel exploit and all my stores got nasty iframes, to sites containing a virus, insert into the language files. So i wrote this crude script to go through the store and fix the bad files and hack files which have been uploaded.
Very simple to use:
Step 1: Backup all your site files (since if you are using this script you have cPanel go to Cpanel -> Backups and do a full home directory backup.
Step 2: Open this file, edit the settings at the top and upload it to your store directory
Step 3: Run the file by going to http://yourstore.com/hackfix.php
The file may take some time to run depending on how many files you have, when its finished it will tell you have many files/folders were scanned, show the files which were edited and which files were deleted.
Feel free to improve or add to the code