Also check the PC that is used to upload with for any virus or malware.

This is the advice we have as a helpfile for pinbrook clients - the steps are the same for anyone with a pc based virus/trojan

Steps to take to clear a virus from your PC and clear your website.

1 Download Kaspersky Anti Virus, uninstall any antivirus software from your PC, uninstall any anti spyware programs from your PC. Reboot PC, install Kaspersky, allow Kaspersky to update itelf with the latest AV definitions.

2 Disconnect your PC from the internet.

3 Run a thorough scan of your PC/system. Allow Kaspersky to detect and clear all viruses/known threats from the PC.

4 When Kaspersky reports your system to be clean, reconnect to the net.

5 Change your FTP password (Control Panel, FTP User from top grey bar, password).

6 Change network settings in Actinic to reflect the new password, do a complete site refresh from Troubleshooting menu.

7 If your index page (or any other webpages) are outside Actinic upload clean versions of these pages.

8 Return to Kaspersky, make sure it is set to routinely download new AV definitions, (there is an auto setting for this) Also set Kaspersky up to scan your system on a daily basis.

9 Remember to regularly change your FTP password. Your password should be 8 characters or more, includes letters and numbers, upper and lowercase.

Thanks for your tips.

I don't think it's my pc - I haven't uploaded to the site in 5 months and this problem occured on Friday. I have run another virus check just in case. Next stop is the host company.

Have you tried

Help | Troubleshooting | Website purge

May just be something that has got corrupted and not a virus

Indeed, if you haven't uploaded for 5 months it may be that the incursion is serverwide, thus your host has closed down FTP. In this situation you will be issued with a new FTP password, once they have cleaned the server.

Host company have reset FTP and I can now successfully upload via Actinic. However, this doesn't get rid of the bad script on the home page so nothing has changed really. I want to try uploading the index.html manually but can't locate it on my pc (I can only find the index for the shop itself). There seem to be quite a few files that have been uploaded about 9 days ago that are unauthorised however it only seems to be the home page that is affected. The site is still successfully taking orders.

The other option is to do a 'website purge' but I'm not confident with this. Do I risk deleting the Perl files?

Thanks for your help.

Site sorted - I manually downloaded the index.html page and re-uploaded it again. There were quite a few weird php files present on the site which I've now deleted/renamed.

You need to check all files with the same datestamp as the infected index HTML page with a view to replacing them.

If you are unsure then just let us know the filenames involved and we can advise. At some time you will need to gain some familiarity with the upload procedure as refreshing the site is often a solution to other issues that you will come across as some stage in your actinic career