Had no idea where to put this, so went with the General category.

I have a site that is hosted with an external hosting service. I received an email from a computer repair shop that said he had a customer come in infected with the winantivirus 2009 malware. He said the customer had done a google search for a local business and the link shows one of our pages. When she clicked on said link, a winantivirus 2009 popup appears. I did this on my machine and if you exit or cancel out of the popup, the webpage is redirected to pc-security-scan.com (which is on of the malwares sites).

I have now received another phone call from a person saying they tried to go to a different page on our site through a google search and the same thing happened.

If I go directly to the site or to one of the pages (not going through a search) everything works fine.

I have checked the html and do not see anything odd.

So I guess the questions are:
1. Is this something on our site?
2. Is it something through google on the redirect?

BTW-The business that she searched for is no longer open and it is not listed on our business services page that google shows it is linking to.

Any help wud b greatly appreciated.

Ok, I will answer my own question in hopes it will help someone else.

There was a file on all my hosted sites that came through ftp (a co-worker was infected and unknowingly upd the file). The file is .htaccess that was redirecting anybody that came into the site to the winantivirus 2009 site. They were then affected if they clicked on the pop-up

I removed those files from the hosting server then recommend everyone run an anti-malware to cure the infection.

I have several clients that tell me "Oh I don't need that, I have a very good virus program". Please explain to your clients that that malware and viruses are different and often need a different application to heal.

Is there a specific removal tool for this virus that you know of?

There is a specific ant-malware tool that i found works. I guess the admins of this site don't allow me to mention it as it was removed from my original post.

It is a shame that you cannot mention a freeware program that works. I certainly don't work for the company or anything, but I guess rules are rules.

Do a google search for anti-malware, and if you clicked on one of the first items that begins with an M you will probably find the one that I have found that works.

Good luck

Ok thanks. I saw a pop-up on my computer the other day that seems it might match this, and hopefully I didn't accidentally install the sucker on my machine, but I did a virus scan and it came up empty. Didn't know until I saw this post that this was the 'new virus' going around. I'll try the search you recommended later.