Soon as I try to access the website (Steiner Binoculars Webstore):
hxxp://www.steinerpartsdirect.com/
I get message “A trojan horse was found” and the only option I get is to abort the connection.
Malware name: JS:Redirector-H7 [trj]
Type : Trojan Horse
VPS Version: 090513-0, 05/13/2009
After consulting with friends using different AVs, their AVs didn’t detected any threat so they concluded a false positive.
Can anyone confirm this?
Edit: Sorry for the URL, I am new here so I was not aware of the mistake.
It is no false positive, the site appears to have been hacked, there are no less than 4 obfuscated script tags after the closing Head tag, see image1. They differ in format and layout, not to mention they are obfuscated when javascript is a plain language scripting language, from other script tags on the page. So they are trying to hide the intent.
See http://www.UnmaskParasites.com/security-report/?page=www.steinerpartsdirect.com, this is only cached for 2 hours, after that you would have to scan again, see image2 & 3.
Please ‘modify’ your post change the URL from http to hXXp, to break the link and avoid accidental exposure to suspect sites, thanks.
avast has been very hot on these detections and there are very few that are even able to detect these hacks.
Thank you.
I emailed the webstore to check their website.
No problem, glad I could help.
Welcome to the forums.