I spent most of the day yesterday going over the entire site looking for malware. I made a local copy of irreal.org and grepped for the signatures that I discussed in my Anatomy of an Exploit post. I didn’t find anything so I used curl with the appropriate USER_AGENT string to request pages that Google said were infected. Again, I didn’t find anything so I asked Google to do a rescan and they agree that the site is clean.
As I wrote previously, I’ve upgraded WordPress and I’ve changed passwords so I don’t anticipate any further problems. As annoying as it was having Google flag the site, I’m grateful for them having alerted me—and you—to the problem.
Now back to our regularly scheduled blogging.