I use a CMS program called Tandem Server for my site. I also use the free version of Avast. I set up my website and now I’m getting 2 virus warnings whenever I load my site on my computer. Here they are:

http://mitchel-brown.com/inc/common.js?v=2010.02.01
JS:Illredir-AX [Trj]
Trojan Horse
100430-1, 04/30/2010

http://mitchel-brown.com/inc/global.js?v=2010.02.01
JS:Illredir-AX [Trj]
Trojan Horse
100430-1, 04/30/2010

I am only able to duplicate these virus problems on my computer. On other computers where I load my site, no virus warning pops up.

I asked he developer of Tandem Server about this and they said they scanned both files and found no problem.

I’m wondering if this is a false positive. Any help with this is appreciated.

VirusTotal - common.js - 5/41
http://www.virustotal.com/analisis/cc665aefa158fa5f553f5a50f0733e008250f673539978075b9f08d1f0c5cf8c-1272672340

VirusTotal - global.js - 5/41
http://www.virustotal.com/analisis/43d5528345e5458c7b36e7caf025b680c41472efb7eb153f6a6e44177cbdad2e-1272672369

Please ‘modify’ your post change the URL from http to hXXp or www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.

So the huge chunk of obfuscated code on a single line at the bottom of common.js and the same for global.js are meant to be there ?

There are a few detections on virustotal for common.js, but that is no surprise as very few are actually looking for this much less detecting it, http://www.virustotal.com/analisis/cc665aefa158fa5f553f5a50f0733e008250f673539978075b9f08d1f0c5cf8c-1272672311 the same for global.js http://www.virustotal.com/analisis/43d5528345e5458c7b36e7caf025b680c41472efb7eb153f6a6e44177cbdad2e-1272672369