Hey, You removed the issue, but didn't fix the problem. When you remove the malware, you also have to do the following: -Clean your desktop (run multiple AVs if needed). Lots of desktop-based virus are stealing FTP passwords stored on FTP clients to infected web sites. -Change your passwords -Update your installation. Are you using an old version? -Attackers always leave backdoors (90% of the time), to be able to get back to your site easily. Check for PHP scripts in there that you didn't add and that are not part of the default install... The best bet is to download your whole site and do a diff between it and a clean install version. Thanks, David Dede, http://sucuri.net On Tue, Apr 20, 2010 at 10:59 AM, sushyl <sushyl@gmail.com> wrote:
HI, I am having malware problems with all my drupal sites. A piece of code gets inserted in all or some javascript(.js) files. Its happening even to the files with permissions "644". I have to remove the code and submit the site for review on webmaster tools on google, so that mozilla-firefox does not give malware. It takes 2-3 days. This is happening again and again, and i have to repeat same process each time. Is there any permanent solution for this issue?
I am giving the code that gets into the files. Sometimes the links in that code are different.
Thanks -- Sushil Hanwate