Virus om my website!

Visitors to my website tell me that a Redlof virus is on my website!

When I download the webpages to my computer and performs a virus scan on these pages no virus is detected!

It almost seems pointless to upload new pages since the pages I downloaded appear to be virus free, or what?

Does anybody know how to get rid of this problem?

 

Who is hosting your webspace? Might be worth asking them to scan the server your site is sitting on to see if the virus is actually on the box rather than just within your website/space??

 

You'll need to look in the source code for something added. Private Message me a link and I'll check it out.

 

Post the URL of this site so we can take a look.

 

I want to make sure my pages are 100% clean first and if problem persists I will contact my ISP.

 

Yep, it's infected. Homepage contains VB script, ActiveX component. If you view source on the page you will see it all the way at the bottom. Should be able to edit it out. I saved all the pages to my PC and scanned them with RAV. That was the only one found infected and the ones I checked, which was most of them, didn't have it. I can't debate with TonyT as to whether your PC is also infected and that is how the page got infected, because I just don't know. I know it's very possible that it was hacked in. And I don't believe you put it there intentionally or you would have posted the link for more exposure.

RAV report.
DFD® Technology PAT™ Precision pull off adhesion testers.htm->(SCRIPT0004) - VBS/ActiveXExploit* -> Infected

 

Well, thank you for all the help! I have deleted the script.

Personally I don't think anyone would have hacked in and put this little script there but who knows? I think my machine was infected at some stage and then I would have uploaded that page to the webserver. The peculiar thing, though, is that when I virus-scanned the web folder on my PC no Redlof turned up.

Would my PC be infected all over if I simply kept an infected version of the web page on the hard disk, or would I have to open the file to spread it? The vbscript code only had about 240 characters, not more than one could put in a text file cookie... Dreadful!

Lately, certain search engine rankings for some very relevant terms and expressions have gone down from 1st and 2nd pos. to 39th with noticeable effect. (=less sales enquiries) Is it likely that search engines penalizes webpages with viruses? If so, I would have thought the search engines would delete the sites from the indexing altogether.

 

A little more info on Redlof at Sophos. If you follow the link to Microsoft you will see that they issued a patch for the JVM vulnerability back in October of 2000. Really no good reason for anyone to get infected with this virus.

 

Just saw your new post. Glad you got rid of it. My AVG on this machine didn't detect it either. Scan with RAV. As noted by TonyT, the virus searches out .htm on your drive and infects them also, so yes, if you had/have this infection it would probably be all over your drive. But like I said previously, I saved that infected page to my drive yet nothing else became infected. And as I stated also earlier, there's no excuse for getting infected since the patch was issued so long ago. At most, one would only get that one infected page in a TIF, and that's easy enough to get rid of. Sorry, but I can't answer your questions related to search engines and penalizations. No knowledge of that.