I have a website that is coming up with an Avast message. The site is hxxp://www.traveltripz.com
The infection details state that it is the JS:/Pdfka-gen@bhv[expl] virus.
I checked all the usual sites like Sucuri, Nortons etc to see if the site scanned okay and they aren’t showing any problems so I can’t tell where the virus might be sitting on the site and my hosting company can’t see anything obvious.
I thought it may be just a false positive but someone emailed us to say their computer was infected because of our website so something is wrong.
Hello,
your site was hacked. In the middle of code is added redirecting script. This atack is focuse on IE users.
Redirection leads to protection.myar.in/in.cgi…
I have run the Exploit Scanner plugin on my blog. It comes up with a report and on that report it shows the following code for a couple of the plugins.
That is Dean Edwards packer indeed. It can be used for protective obfuscation and for that reason has also fallen prey to malcreants to be abused and injected into. Read about one of these malware variants here: http://www.stopthehacker.com/tag/dean-edwards-packaer/ (linksource Jaal, LLC).
This is what avast flags,