It won’t find the malicious links, but by using Google Webmaster Tools and grepWin, you can find and delete the malscripts that Google finds.
You can use the string that Google identified as being malicious/suspicious and then basically do a search and replace with grepWin.
Let me know if you’re interested in that solution and I’ll post details here.
Thank you.
Thomas J. Raef
“We Watch Your Website – so you don’t have to!”
http://www.wewatchyourwebsite.com
traef@wewatchyourwebsite.com
Have you downloaded grepWin yet? If not, please do. It’s free.
Then use this string for the regex:
<script>http:\/\/alpersonal\.ru\/misc\/nginx\.php\s*<\/script>
Hopefully that won’t set off anti-virus programs.
Then in grepWin set the Search in window to the location of the files for your website. Select Regex search
In the Search for: box enter the string (cut and paste it) from above.
Leave Replace with: empty
Set the following options:
uncheck Search case-sensitive
check Dot matches newline
check Create backup files
uncheck Treat files as UTF8
check All sizes
check Include system items
check Include hidden items
check Include subfolders
Then select the Search option first.
In the window titled: Search results you’ll see all the files with that string in them.
Look them over, then select Replace.
It will make backup files of the originals and your files will be clean.
FTP the cleaned files to your website and you should be okay.
Then, scan your PC with a different anti-virus program than what you’re currently using. There might be a virus that’s stealing your FTP credentials and infecting your website with a valid login.
Change all FTP passwords.
Post back here if you have any further questions or updates please.
Thank you.
Thomas J. Raef
“We Watch Your Website – so you don’t have to!”
http://www.wewatchyourwebsite.com
traef@wewatchyourwebsite.com