123Reg have suspended one of my hosting packages due to suspected Malware and that has stopped 7 Rapidweaver sites that I have hosted on it. So far they have not told me what file might be causing the problem. I have deleted a load of outdated files, changed the password on my FTP account and re-published everything. I have then asked them to check again and am waiting for an answer.
In the mean time is there anything else I should be doing? Is there any tool that can help me track down the malware on the server, bearing in mind that no-one can get access to any of the websites online at the moment?
May be totally unrelated but I had google flag one of my sites once like this… the problem was a “mailto” link that was setup wrong. In that case they thought I was trying to gather email addresses by having people click links. So you might want to check your “mailto” links if you have any.
I honestly don’t remember. We have a directory page with lot’s of email links (the people ask to be listed) and so we have hundreds of “mailto:” links. Instead of typing "mailto:xxxx@gmail.com" I had mistyped it. I seem to remember a “mailto:” with a url instead of email address. But just not sure…
In my case Google was kind enough to provide the offending page so I just checked the code until I found the weird “mailto”. Strangely, except for that, the page worked as normal.