
Flashback virus hacked my business website and computer. What should I do?

I have been dealing with the Flashback trojan on my mac, thought I got that settled, and was just alerted that my business website, www.kristenbuchmann.com has been hacked or something with that Flashback trojan!!! I don't know which came first.

Anyway, if you visit the site yourself, you will see that it says that my site may harm your computer and may contain malware....DON'T CLICK ON THE LINKS! I started this discussion on my previous post about my Mac's Flashback trojan. I will copy and post a bit in another post below.


I changed my password with my hosting company's web panel and my ftp passwords. I have to remember and figure out how to change my sql passwords...


I also have a web panel password for two other parts of my site (a wordpress blog hosted on my site and also a flash site with a separate web panel,) but they have urls that are part of my site, so I am nervous to click through to change them. What should I do ???


I tried to follow steps on some links I followed and just got stuck because I don't understand. I will post those questions also in a post below.

MacBook Pro, Mac OS X (10.6.8)

Posted on Oct 8, 2011 12:03 AM

10 replies

Oct 8, 2011 12:05 AM in response to noellle

In the thread where I started this discussion,

MadMacs0 wrote:

OK, I clicked on Lifestyle Portraits, I think, and was redirected to macosxsoftwareupdate.org-slash-flashplugin-slash-7f-slash- (I used -slash- for / so that people won't be tempted to click on it) which is the site I've been watching. As I said yesterday, that address has been removed from the DNS database, so it doesn't work, but you still need to clean that redirect off of your site in order to get Google to take you off the blacklist and if that site ever goes active...well you know what happens next.


Oct 8, 2011 12:08 AM in response to noellle

Below is another excerpt from the previous thread. Hope this is helpful and not confusing!:

MadMacs0 wrote:

This site has some tips on what to do and how to contact them. I think someone is going to have to scan the code on your pages and remove whatever is causing it....

but you still need to clean that redirect off of your site in order to get Google to take you off the blacklist

Are you saying that I need to clean it by having someone scan it and remove it?

I started to follow the steps linked to that site, http://25yearsofprogramming.com/blog/20070704.htm, and can't get past the first step. I use Dreamhost, which doesn't use cpanel.

So, I want to take my site offline using the method on the link I mention above, but I can't figure out how to make an .htaccess code because this page: http://www.javascriptkit.com/howto/htaccess.shtml said:

htaccess files must be uploaded as ASCII mode, not BINARY. You may need to CHMOD the htaccess file to 644 or (RW-R--R--). This makes the file usable by the server, but prevents it from being read by a browser, which can seriously compromise your security. (For example, if you have password protected directories, if a browser can read the htaccess file, then they can get the location of the authentication file and then reverse engineer the list to get full access to any portion that you previously had protected. There are different ways to prevent this, one being to place all your authentication files above the root directory so that they are not www accessible, and the other is through an htaccess series of commands that prevents itself from being accessed by a browser, more on that later)

and I am so LOST. I don't understand it. I don't have an .htaccess file, and I am SO tired from staying up late dealing with all of this, first on my Mac, and now on my website.

Oct 8, 2011 8:23 AM in response to noellle

right at the top of most/all of your html source pages is a line trying to load a script from sweepstakesandcontestsnow which would (maybe only sometimes) have loaded content from macosxsoftwareupdate or other sites - leading (when I tried) to a download from adobe-software-update, which is different from the first few flashback variants.


This may not be directly related to you having installed the thing - they have to get the code out there somehow & commonly use insecure sites & hosts to do so.
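A defender-side check for what andyBall_uk describes above, added here as an example and not code from the thread or from any of its participants: it walks a downloaded copy of the web root and reports every page carrying an external script whose host matches one of the domains named in the thread. Two of those domains are given without a TLD, so it matches on the host label; the sample page and its .example TLD are constructed.

```python
"""Find injected <script src=...> tags loading from the hosts named in this thread (added example)."""
import os
import re
from urllib.parse import urlparse

# Host labels named in the thread as the redirect chain; two are given
# without a TLD, so matching is on the label rather than the full domain.
SUSPECT_LABELS = ("sweepstakesandcontestsnow", "macosxsoftwareupdate",
                  "adobe-software-update")
SCRIPT_SRC = re.compile(r"<script\b[^>]*\bsrc\s*=\s*['\"]?([^'\" >]+)",
                        re.IGNORECASE)


def suspicious_scripts(html):
    """Return (line_no, src) for each script whose host matches a label."""
    hits = []
    for line_no, line in enumerate(html.splitlines(), start=1):
        for src in SCRIPT_SRC.findall(line):
            # Absolute and protocol-relative URLs yield a hostname;
            # site-relative paths such as /js/gallery.js do not.
            host = urlparse(src if "//" in src else "//" + src).hostname or ""
            if any(label in host for label in SUSPECT_LABELS):
                hits.append((line_no, src))
    return hits


def scan_tree(root, exts=(".html", ".htm", ".php")):
    """Walk root and map each affected file path to its hits."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(exts):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                hits = suspicious_scripts(fh.read())
            if hits:
                findings[path] = hits
    return findings


# Constructed sample page; the .example TLD is a placeholder, not the real one.
SAMPLE_PAGE = (
    '<script src="http://sweepstakesandcontestsnow.example/js.php"></script>\n'
    "<html><head><title>Portfolio</title>\n"
    '<script src="/js/gallery.js"></script></head><body></body></html>\n'
)

if __name__ == "__main__":
    print(suspicious_scripts(SAMPLE_PAGE))
```

Point `scan_tree` at a local copy of the site (for example one pulled down over SFTP) to list every file that still carries the loader; each listed line is one to remove before asking for a blacklist review.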

Oct 8, 2011 9:23 AM in response to andyBall_uk

andyBall_uk wrote:

right at the top of most/all of your html source pages is a line trying to load a script from sweepstakesandcontestsnow which would (maybe only sometimes) have loaded content from macosxsoftwareupdate or other sites - leading (when I tried) to a download from adobe-software-update, which is different from the first few flashback variants.

Thank you, andyBall_uk! So if I go and delete that code at the top and change my passwords, am I ok?


Also, I think that I don't have the latest version of Wordpress. Perhaps that is an insecurity? I don't remember if I have that backed up automatically or not, but I certainly haven't backed it up in ages. 😟 Is that included in the most/all of my html source pages? (blog located at www.kristenbuchmann.com/blog.) or can I safely back those up now and back up my database and then install the new version of Wordpress (if those are the steps - I can't remember what to do to update Wordpress right now.)


Thanks!

Oct 8, 2011 5:35 PM in response to noellle

Kristen, it's imperative that you take that site down right away and leave it down until it's fixed. Not only are you spreading malware, you're exposing yourself to legal liability and damaging your professional reputation. Securing a web application is beyond the scope of these forums. This is your business and you need the help of a consultant.
