Website Infected

Original Message
Name: lindseyacron
Date: April 3, 2007 at 23:17:58 Pacific
Subject: Website Infected
OS: Windows XP Home
CPU/Ram: Intel(R) Celeron(R) M
Model/Manufacturer: Dell
Comment:

I'm not sure if this is where this should be or not, but I've recently started having my members flagging me to the fact that when they visit my page their antivirus software is going ballistic... there's been 2 different viruses detected, Bloodhound.exploit.109 and JS/Exploit-BO.gen. I contacted my host about it and they refuse to even look into it for me, saying that I must have done it when I uploaded some new components for my site... which I don't see how it's possible, as I scanned as I downloaded, before unzipping them, and also directly after (I'm paranoid about viruses and stuff but not that experienced with it). Either way, Siteground, my host, did nothing more than suggest that I use my ftp program to download every single file and folder to my hard drive and scan it, then delete the infected file, and re-upload everything... problem solved. Except that I spent all that time downloading the files and folders, completely updated my Norton 2007, then scanned it and there was absolutely nothing. Yet people are still getting the popup for the virus detected. I can't just delete my site and start all over and I'm not getting any help from the people that should be helping me. Any ideas at all? I did look into both of the viruses but I have no clue what any of it means. I'm at a total loss and I'm scared of lots of websites now if I don't recognize them.





Response Number 1
Name: Mechanix2Go
Date: April 4, 2007 at 03:47:02 Pacific
Reply:

First I would get clear about who's detecting what and using what AV to scan. Otherwise you're jousting in the dark.

Next, keep in mind that the FILES which you upload may use SSI, java or other stuff.

[My site is so simple that it's just the html, gifs, txt etc.]


=====================================
If at first you don't succeed, you're about average.

M2




Response Number 2
Name: cjae
Date: April 5, 2007 at 05:21:51 Pacific
Reply:

Someone will probably scoff at this, but I would recommend almost any other program to handle your anti-virus concerns (aside from McAfee). Even their bundled suite is tempting to use as it has many programs in one, but let me assure you, as soon as I gave up Norton (used it for like 4-5 years), many, many, many of my problems disappeared.

I know this really doesn't help your question much, but it may help against future questions.

This is just my own opinion and personal experience.

You must remember that this is one of the biggest and most popular anti-virus programs, so who do you think virus writers are going to go after?


You know what sucks.
Is when people answer posts
with assumptions.



Response Number 3
Name: suzi
Date: April 6, 2007 at 10:32:34 Pacific
Reply:

lindseyacron,

It's possible your website could have been hacked and had malware such as viruses or trojans added to it. This is happening a lot to websites that are not properly secured. I will check your site in a virtual machine and let you know what I find.

Suzi

Suzi
Spyware Warrior
MS MVP Windows-Security 2005 - 2007



Response Number 4
Name: suzi
Date: April 6, 2007 at 12:03:11 Pacific
Reply:

lindseyacron,

I looked at your site and read your updates about the problem. It looks like you have it under control now. This article I wrote might be helpful.

http://blogs.zdnet.com/Spyware/?p=811

Just a couple of things... it's up to you to make sure all your applications on your site are up to date, like your forum software, scripts and such. I see a link to Mambo. There have been a number of Mambo vulnerabilities in the past that allowed it to be exploited by hackers. AFAIK, those vulnerabilities have been patched.

Your webhosting company is responsible to ensure their servers are patched with the latest security updates so their servers aren't hacked.

Website and web server hacking has become very common now unfortunately. Malware and phishing researchers see hacked sites all the time used for phishing and malware distribution. It's become big business and is run by organized crime. There is a lot of money being made that way. It's a shame, but it is reality and everyone needs to be aware.


Suzi
Spyware Warrior
MS MVP Windows-Security 2005 - 2007

