Trojan attack

MarkSmith65 · Post by **MarkSmith65** » Wed Apr 13, 2011 9:30 am

Hi

I run a website at http://www.theowl.com and this week customers using Avast security software have started reported a trojan (iframe-bg[trj]. A screen shot is attached.

I have gone through the site and searched for extra code and cannot find any hidden in index.php etc.

Does anyone have any thoughts...? The hosting company is refusing to help saying it is my issue.

Thanks

M@rtijn · Post by **M@rtijn** » Wed Apr 13, 2011 10:07 am

Is it only with Avast? Couple of days ago they gave out a wrong update containing a couple of false positives. It should be solved already:
https://blog.avast.com/2011/04/11/false ... -110411-1/

Otherwise, do you have a recent backup you can restore?

MarkSmith65 · Post by **MarkSmith65** » Wed Apr 13, 2011 12:32 pm

Hi, yes it only is with Avast... this might well be the issue as neither me nor the hoster can find an issue with the site.

Thanks for responding.

JiiPee · Post by **JiiPee** » Fri Apr 29, 2011 10:54 am

F-secure 2011 also has been informing few weeks this site to be potentially dangerous and block access. Just to let you know if you didn't already.

M@rtijn · Post by **M@rtijn** » Fri Apr 29, 2011 11:06 am

Which site? cmsmadesimple.org?

Would it be possible to post the message F-secure gives?

JiiPee · Post by **JiiPee** » Fri Apr 29, 2011 11:39 am

Google results already highlight the problem pages, according to f-secure.
Sorry for Finnish language

JiiPee · Post by **JiiPee** » Fri Apr 29, 2011 11:48 am

There is actually feedback from for site owner, that should be good place to get more information:

F-Secure Browsingprotection

CMS Made Simple Forums

Trojan attack

Trojan attack

Re: Trojan attack

Re: Trojan attack

Re: Trojan attack

Re: Trojan attack

Re: Trojan attack

Re: Trojan attack