I had someone contact me to inform me that when visiting a site on my VPS (I also administer site) they rceived a notification that the web site contains a virus (they did not give me the exact warning message) but they said it happened when accessing the site from 2 seperate computers. First off all, is it possible for a virus to exist on a web page iteself? I have the most up to date virus protection on my computer and when I visit the site nothing shows up as being maliscious. I am assuming that the person has several computers infected with some sort of "scareware" that is trying to get them to buy a protection program of some sort but I thought I would look into it just to be sure Any comments or suggestions?
Its very possible that a webpage try to inject malicious code into the client machine triggering the anti virus try to stop it. Check your pages from any friends machine if you get that message.
I just ftp'd into the site and saw the index.html page was las tupdated 5/8/09 and I know I havent updated it in a while - when i donloaded it I did notice a script at the very end of the page that i did not recognize that had a bunch of characters at the end of it so that appeared to be it. Now I have to figure out how it got there
Unless the web browser has a flaw/bug/vulnerability, there is no way of being infected (installing malicious ActiveX controls does show a warning!).
I am also going to face this kind of problems. My VPS hosting company warns me saying I have done many false tricks from my IP. How can I check the virus?
just remove the script from the index file and re upload it, also check if your other files have the script and do the same (remove,reupload)..... or else reupload everything from your local backup... hope it helps you..
I had a client who had a similar problem. he had somebody build a page for him, and somehow after a while it started injecting pornographic links on some pages. Removing the code from the pages, and also the source script solved the problem.