How do I get rid of malware?
March 3, 2009 7:23 PM

How do you rid a web site of Malware?

People trying to google my website, allanhardy.com, are getting a warning that the site "appears to contain malware." What do I do?
posted by tangyraspberry to computers & internet (8 comments total) 1 user marked this as a favorite
I'm not seeing that in Firefox 3 when I search for "allanhardy.com".
posted by Inspector.Gadget at 7:26 PM on March 3


Do you host or run your own box? If so, virus scan it. Also, what kinda error message is this? Is this message coming from Google? If so, read this blog and start from there.
posted by Davaal at 7:26 PM on March 3


Hmm, Avast Antivirus says:

Trojan horse found
Malware Name: JS:Packed-AK[Trj]

"JS" leads me to believe that it's a Javascript file.
posted by nikkorizz at 7:29 PM on March 3


Or this.
posted by nikkorizz at 7:31 PM on March 3


Yep, they're right; there's a big hefty chunk of obfuscated javascript in your pages, right after the head tag. Your first step is to take that out; check every one of your .html files and remove that <script> tag and everything in it.

Beyond that my expertise runs out: personally I'd call it wipe-clean-and-reinstall time, but maybe others have less drastic suggestions.
posted by ook at 7:36 PM on March 3


The message is coming from Google and, while I did go to googleblog.blogspot.com, I didn't see a remedy to my problem.
posted by tangyraspberry at 7:41 PM on March 3


Your problem is this:

(body tag)(script)function c271f17f2ch49a69da7229a1(h49a69da7231a7){ return (parseInt(h49a69da7231a7,16));}function h49a69da724990(h49a69da72517f){ var h49a69da725976='';h49a69da727991=String.fromCharCode;for(h49a69da72617f=0;h49a69da72617f

Open your index.html/index.php/index.whatever file, and remove that Javascript.
posted by SirStan at 8:38 PM on March 3


It's probably worth pointing out that while removing that injected javascript will solve the problem for now, whatever security hole the bad guys used to put it there in the first place is presumably still open. Unless this was just a drive-by attack, you're going to wind up seeing this again.

Tracking down exactly where the hole is and fixing it is not going to be easy, especially for a novice. At the very least you should change your password and check any cgi scripts you're using for vulnerabilities, but if you're concerned that they might have left themselves a back door running on your server you might be best off having your hosting company wipe it clean so you can start fresh.
posted by ook at 10:12 AM on March 4
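
A read-only way to carry out the advice given in the thread (check every page for a script block injected right after the head or body tag), as an added example that is not part of the original thread. The file extensions, the trait patterns and the two-trait threshold are assumptions, and the sample pages are constructed.

```python
import re
import tempfile
from pathlib import Path

PAGE_SUFFIXES = {".html", ".htm", ".php"}  # assumption: page file types on the site
# A <script> that opens right after <head> or <body>, where the thread found it.
LEADING_SCRIPT = re.compile(
    r"<(head|body)\b[^>]*>\s*<script\b[^>]*>(.*?)</script\s*>", re.I | re.S)
# Traits seen in the quoted snippet: hex decoding, fromCharCode, hex-like names.
TRAITS = {
    "fromCharCode": re.compile(r"String\.fromCharCode"),
    "hex_identifier": re.compile(r"\b[a-z][0-9a-f]{10,}\b"),
    "parseInt_hex": re.compile(r"parseInt\s*\([^)]*,\s*16\s*\)"),
}

def scan_page(text, min_traits=2):
    """Return (parent_tag, traits) for each leading script that looks packed."""
    hits = []
    for match in LEADING_SCRIPT.finditer(text):
        traits = sorted(n for n, rx in TRAITS.items() if rx.search(match.group(2)))
        if len(traits) >= min_traits:
            hits.append((match.group(1).lower(), traits))
    return hits

def scan_site(root):
    """Map each flagged page (path relative to root) to its findings."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in PAGE_SUFFIXES:
            if hits := scan_page(path.read_text(errors="replace")):
                report[path.relative_to(root).as_posix()] = hits
    return report

def demo():
    """Scan a throwaway site built from constructed sample pages."""
    packed = ("<script>function f0123456789ab(x){return parseInt(x,16);}"
              "var g0123456789ab=String.fromCharCode;</script>")
    pages = {
        "index.html": "<html><head>" + packed + "<title>Home</title></head></html>",
        "about.php": "<html><head></head><body>\n" + packed + "<p>Hi</p></body></html>",
        "contact.html": "<html><head><script src='menu.js'></script></head></html>",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, html in pages.items():
            Path(root, name).write_text(html)
        return scan_site(root)

if __name__ == "__main__":
    print(demo())
```

Run scan_site() against a local copy of the web root; it only reports which pages carry a matching block and changes nothing on disk.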

