My website has been infected by Illredir-BY [Trj]

Several files of my website has been infected by Illredir-BY [Trj]
What can I do?
my website is: stefanofarkas.com
I have already downloaded all the files from the server to my computer and scanned them with Avast, now all the infected files are in quarantene, what shall I do next?

Protect the server properly and put a clean backup of the site files on it.

VirusTotal - unp262563845.tmp - 5/41
http://www.virustotal.com/analisis/348a3c831e46728311a7cbcc48a425dab125a70bba953cd14a1e33dbbd1c5b62-1274613805

This page seems to be
http://www.UnmaskParasites.com/security-report/?page=www.stefanofarkas.com

Suspicious Inline Scripts

Hi sfarkas,

Specific removal script is to be found here: http://www.leshirond-elles.com/dc2/remove-js-illredir-b.php

polonus

Yes, my websites (shared hosting) were also attacked this weekend with Illredir-BY [Trj].

I did a full Avast 5.0 scan on my computer and found Java:jdewers-n on it as well, but only on the boot scan.

Does anyone know how I can go about finding out who this person is? I know a guy locally who claims to be a hacker and I want to know if it was him? To whom and when does one report this malicious activity?

Also, is there a good place to go that can monitor my ftp accounts for uploading? Cpanel doesn’t do much reporting on ftp uploads.

Does anyone know how I can go about finding out who this person is? I know a guy locally who claims to be a hacker and I want to know if it was him? To whom and when does one report this malicious activity?

Also, is there a good place to go that can monitor my ftp accounts for uploading? Cpanel doesn’t do much reporting on ftp uploads.

Sometimes it can be hard to track down this info if your provider doesn’t give you the tools to do so. You’ll either need to talk to them, or find some type of log from your service provider about your account in your cpanel.

Might not be able to find anything there. I’d highly suggest that you change your FTP passwords though, just in case.

Hi malware fighters,

You could check your website against vulnerabilities with skipfish: http://code.google.com/p/skipfish/

pol

Yes, tools like that can help you find holes that you should fix to prevent someone from hacking your site in the first place…

Don’t confuse it for a tool that helps you find what has already been done though.