I had a problem after I installed an MP3 and a WAV sound file into a couple of my Navigation Bars. Also I C&P's a tiny .ico file to use as my "top of page" marker. I got it off a GOOGLE search on their images engine.
I used these in my website and uploaded them to my public folder.
Suddenly, about 24 hours later, I was being warned by Kaspersky that Firefox and IE contained a link that steals passwords, etc. It told me that the item was a "pantscow.ru:8080/Readme.js" file.
So I did some research and stumbled upon this website:
All you have to do is enter your website URL and it will sniff out any bad code. I quote, "All Malicious or Suspicious Elements of Submission".
You can also download a .zip file that contains all the code in your website, and there is included, a decoded log in that .zip.
That is how I found out that the .ico was suspicious, as well as the two "button click" sound files. All three I had gotten off the Internet from free sites.
I found the files and right clicked on them and selected properties and down at the bottom, the security info said, "This file came from another computer and might be blocked to help protect this computer."
So I deleted these three items at all locations, and instantly no more popup warnings and everything is honky dory.
I guess that means I have to do a 100% check on any foreign item I add to my website. Please do not be harsh on me. It is so easy to use pictures and such by doing a simple C&P.
I would never have thought that malicious code would be written into the simplest things!
So, the malicious code that Kaspersky was warning me of is:
The jsunpack tool ID'd them for me.