on my site www.clancreation.com, AVAST detected a “trojan” but in fact there is not … why? how to solve this problem?
Hi, I clicked the link to your site and Avast had blocked it completely. After disabling Avast’s shields, however, I got through. Very possibly a bug, the team should look into fixing that.
Check your site at www.sucuri.net and be surprised.
What i must do? Please help!
Hi,
Just as a heads-up, your site appears to be clean now.
Reference: http://forum.avast.com/index.php?topic=131491.0
~!Donovan
I think that your problem is on a module. The most popular modules that use this code are:
-
Autson Skitter Slideshow (mod_AutsonSlideShow)
The malicious code is located in the “tmpl” folder, in the php file(s). -
Share This for Joomla! (mod_JoomlaShare This)
The malicious code is located in mod_JoomlaShare This.php. -
VirtueMart Advanced Search (mod_virtuemart_advsearch)
The malicious code is located in mod_virtuemart_advsearch.php.
- AddThis For Joomla (mod_AddThisForJoomla)
The malicious code is located in mod_AddThisForJoomla.php.
- Plimun Nivo Slider (mod_PlimunNivoSlider)
The malicious code is located in the “tmpl” folder, in the php file(s).
Using Autson as an example, go to your file explorer and enter this path: /modules/mod_AutsonSlideShow/tmpl/default.php
Edit the .php file (the name of this file is shown above, near the name module in this post )and look for this javascript tag and you should see this amount of code:
Delete this code. If you don’t feel confident to do it you can create a copy of the original file in case in goes wrong.
Normally, at last line, is the link to the developer website and antivirus detect it like unwanted Pub. Know, go to the last line of the file and delete this tag:
By A Web Design
in autsonImageSlider module example. Proceed the same way to the other modules.
Save it, and enjoy.
Hope it was usefull.