ClamWin Free Antivirus
Support and Discussion Forums
Virus on our Website
jayson


Joined: 18 Apr 2008
Posts: 0
We get a virus on our website - and it will not go away. We've uploaded clean files and have manually deleted the code off of our .index.php files. It is infecting all of our site visitors (the ones that do come). I've asked our host for help and have received none. In addition, I've searched for hours and hours trying to find a solution to this problem. Any advice or help would be greatly appreciated.

Thank you

newhomessection dot com is our site
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
Well, I'm certainly no expert (perhaps a real one will also see your post and offer more help), but it sounds as if the problem is with your host if you upload clean files, the malware returns, and the host doesn't provide any assistance. Evidently, there is an exploit on the host's system that enables the malware. The host should contact their antivirus/security vendor for help. There is also some penetration testing software available the host could use that might help. If this situation continues, you should get another host or consider hosting your site yourself (perhaps on a virtual machine).

The ClamWin web site has an antimalware resources page that may be of some help, but it is primarily for stand-alone PC users with malware problems.

Regards,
jayson


Joined: 18 Apr 2008
Posts: 0
Thanks for your help - I'll check into the resource.
sherpya


Joined: 22 Mar 2006
Posts: 0
Location: Italy
It could also be caused by a flaw in some code like PHP or similar. If you are using software like forums or a wiki, make sure you have the latest version.

Perhaps the code is in index.html.
There is a JS function that looks suspicious:

function v4808fc546806b(v4808fc546883c)
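A defender-side check for the situation in this thread, added here as an example and not posted by any participant: it walks a local copy of the web root and reports index files that contain a function whose name and parameter have the shape of the one quoted above. The identifier shape (`v` plus 13 hex digits), the file-name filter and the sample tree are assumptions constructed for the example.

```python
import os
import re
import tempfile

# Assumption: injected functions use a name and a parameter shaped like the
# one quoted in the thread ("v" followed by 13 lowercase hex digits).
INJECTED_FN = re.compile(r"function\s+(v[0-9a-f]{13})\s*\(\s*(v[0-9a-f]{13})\s*\)")
# Assumption: only index pages are rewritten (index.php, index.html, .index.php).
INDEX_NAME = re.compile(r"^\.?index\.(php|html?)$", re.IGNORECASE)

def scan_webroot(root):
    """Return sorted (relative_path, line_no, function_name) hits under root."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not INDEX_NAME.match(name):
                continue
            full = os.path.join(dirpath, name)
            with open(full, encoding="utf-8", errors="replace") as fh:
                for line_no, line in enumerate(fh, start=1):
                    for m in INJECTED_FN.finditer(line):
                        rel = os.path.relpath(full, root).replace(os.sep, "/")
                        hits.append((rel, line_no, m.group(1)))
    return sorted(hits)

def build_sample_webroot(root):
    """Constructed sample tree: two tampered index files, two clean files."""
    stub = "<script>function {0}({1}){{ /* body omitted */ }}</script>\n"
    files = {
        "index.php": "<?php echo 'home'; ?>\n",
        "index.html": "<html><body>\n"
                      + stub.format("v4808fc546806b", "v4808fc546883c")
                      + "</body></html>\n",
        "news/index.php": "<?php echo 'news'; ?>\n"
                          + stub.format("v0123456789abc", "v0123456789abd"),
        "news/about.html": "<script>function validate(form){ return true; }</script>\n",
    }
    for rel, body in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_webroot(tmp)
        for rel, line_no, fn in scan_webroot(tmp):
            print(f"{rel}:{line_no}: suspicious function {fn}")
```

Running it again after each clean upload shows which files are rewritten again, which is the detail a host needs to trace how the files are being modified.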
jayson


Joined: 18 Apr 2008
Posts: 0
Sherpya,

Yes it's a JS worm and it can't be removed.

Does anyone know what I can do to take care of this problem? Our website is currently down and we are working on the problem but nobody can fix it. Any help would be appreciated.

It's a script that keeps reciprocating itself on our .index files

TrojanDownloader:JS/Psyme.gen
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
I ran a search on Google for the name and below are some references that may be helpful.

Here's a post on the Web with some other helpful followups: https://www.suggestafix.com/index.php?s=51c48622b593e36cc10c059b73fcb4f4&showtopic=28263&pid=203721&mode=threaded&show=&st=&#entry203721 at a forum.

Here's https://forums.mcafeehelp.com/showthread.php?t=215132 at another forum.

Here's some more help at https://www.precisesecurity.com/tools-resources/threat-removal-procedure/standard-malware-removal-procedure/ on the Web.

The above posts may be more applicable to one PC and not a server. I've had good luck on single PCs with the following free tools: Norman's Malware Cleaner in safe mode, Dr. Web's Cureit, SuperAntiSpyware, and Microsoft's Malicious Removal Tool (only for the most prevalent malware as of a month or so ago). You might also try a scan in Safe Mode with your regular antivirus and/or F-Secure's Blacklight tool.

Good luck.

Regards,
jayson


Joined: 18 Apr 2008
Posts: 0
Thanks GuitarBob - I've read all of those a few times over the last week and nothing. I really appreciate your help.
GuitarBob


Joined: 09 Jul 2006
Posts: 9
Location: USA
One last suggestion for you: try the Secunia Web site at https://secunia.com/ where you might find something that will help--they have some software inspectors that might point out some problems/weaknesses.

Regards,