Hello recently my site www.energis.cl was infected by this trojan TrojanDownloader.Agent.NQB.gen. This trojan inyected several piece of html code on many files, most of them as been erased. The procedure to detect them, was to copy the entire site to my PC, then NOD32 detects the files infected, then I search them and clean them, but unfortunally my browser is still generating warnings, even my antivirus.
Any idea?
Thank you
It sounds like you may have cleaned the pages and been reinfected. Your Google Safe Browsing report references [ gumblar ] which is usually the result of stolen FTP credentials from a local computer used for FTP access to the site.
You should clean that computer with products that you don’t already use and change your passwords before working on the site again.
Dasient WAM identifies multiple pages and the malscript on those pages. You may want to request their full scan to identify other pages. In addition, it would be wise to evaluate your site using the following resources as a guide. When you are sure that it is clean, you will need to “Request a Review” through Webmaster Tools.
(you will need to copy/paste this URL in your browser to see the scan results)
http://wam.dasient.com/wam/diagnose?URL=www.energis.cl&scan_id=21556
Resources:
Tips for Cleaning & Securing your Website
How to remove the ‘This site may harm your computer’
Google Webmaster Tools
Google MalwareFAQ and screenshot for ‘Request a Review’