Hello,
Recently I have received that visitors visiting my site gets error that there is trojan on my site.
I have checked it:
hXXp://www.virustotal.com/analisis/e93601eeb034461ced725ba6a78fb8b9b0265456550b2908e52855dab0513701-1274709989
And it found JS:ScriptIP-inf
I have checked the source, but I can’t see anything strange that can be infected.
Also some users said that there is VIRUS on hxxp://www.atomicwarez.com/{gzip}
But when you call that URL it gives 404 error and redirects to main page. So I can’t found where that virus is.
Can anyone explain where is malicious code on my site? Or is it just a false report?
site is hxxp://www.atomicwarez.com
Hi sanis,
The site you mention is a Dutch site, that has been given the all green by Norton Safe Web,
and by unmasked parasites so far.
However I have found this there: [iframe] s7.addthis.com/js/250/javascript:
http://www.google.com/safebrowsing/diagnostic?site=www.addthis.com
, 1 page resulted in malicious software being downloaded and installed without user consent,
and the last time suspicious content was found on this site was on 2010-05-09.
Malicious software is hosted on 1 domain(s), including addthiscdn.com/.
This site was hosted on 1 network(s) including AS3549 (Global Crossing Ltd.).
But again other malware can also be found via external links:
polonus
So you say that addthis is maliciuos site, and that causes that it is trojan on my site?