I get HTML:IFrame-PE[TrJ] for my website - what is this and how do I get rid of

Please send info asap. Thanks.

welcome to the forum.

we need more information on the subject

what is your homepage please post that. but chance the url from www to wxw so it’s not clickable.

I am getting this too on my own website. wxw.thewaldorfconnection.com and wxw.everydayrhythm.com

Started on Sat.

I have done thorough computer scans and removed the trojan on my files and also done
a boot scan where it was removed, but only found in the Mozilla AppData files.

I re-started computer and tried to access website and it happened again!
I don’t seem to have infected files on my computer. My webhost says they don’t see anything
and could not duplicate the problem.??

This is my business site, so impotant

Thanks,

Donna

websites are infected

see attached screenshots

type of infection http://sucuri.net/malware/malware-entry-mwjs3022

Hi Donna, welcome to the forum :slight_smile:

Unfortunately, as Pondus suggests, it seems as though your sites have been infected.

Both contain an iframe at the very beginning of the page that is most likely the cause of the alerts.

Scott

Norman lab analysis

The iframe domain points to IP 94.60.123.48 which is blacklisted in RBL for spreading malware based on "Blackhole" kit.

Both URL have same Iframe

wxw.everydayrhythm.com.htm —> JS/IFrame.FZ