Trojan and virus alert

Avast alerted me to the following when at a website that I have been going to for years and I know is trusted. The filenames that come up are unrelated to the website which is wxw.ishafoundation.org. Here is what came up:

Trojan Horse
File name:hxxp://tradbox.net/doxt/fVA5bzg/PD86Nzk2O2w2PmhsPj1sPjk3Njs3a2w2OD1oNg==
Malware name: JS:Obfuscated-DL [Trj]
Malware type: Trojan Horse
VPS version: 091007-0, 10/07/2009

Virus detected
File name: hxxp://wu-wien.gras.at/language/google-analytics.html
Malware name: HTML:Iframe-inf
Malware type: Virus/Worm
VPS version: 091007-0, 10/07/2009

Can you advise me what to do about this. I have run Malwarebytes and SuperAntiSpyware and nothing comes up, but does this mean I can’t use that website without getting malware on my PC?

Thanks for your help with this.

please edit your previous post and change the links to hxxp and wxw, please

this site is injected with a iframe :


iframe src="hxxp://search-request.info/go.php?sid=1" width="0" height="0" frameborder="0"

it leads to either of the links which you have posted(hxxp://wu-wien.gras.at/language/google-analytics.html) or to this : hxxp://tradbox.net/doxt/a8Po

both of them gives you virus. better contact the site admin. you can message them at this id : webteam@ishafoundation.org (found it on their site).

they can clean up : http://stopbadware.org/home/webmasters

generally its because they have not updated their software and also a weak password. ask them to update and change the password.

hope it helps.

namastey.

nmb

Trusted means nothing with the number of sites being hacked now and avast is very hot on this hacking and usually very accurate too.

There is a hidden iframe width=0 height=0 purporting to be a search request, which is strange to me why would any search function be hidden, see image.

That is most likely for the redirection going on in the background.

not likely but it is redirecting in background, just to confirm. :wink:

nmb


Welcome to the forums, Shishya. :slight_smile:

The site … tradbox.net … seems to have 2 malicious scripting exploits. See the link below for more information.

http://www.google.com/safebrowsing/diagnostic?site=tradbox.net

The site … wxw.ishafoundation.org … has suspicious inline script and 2 hidden external links.
See the link below for more information.

http://www.UnmaskParasites.com/security-report/?page=www.ishafoundation.org

The most you can do is stay off those sites until it is no longer infected. Since MBAM & SAS came up clean, your computer should be ok. Yes, it does mean using that website will eventually infect your computer.


charley, change to wxw … how did you forget? ???

nmb


OOPS … changed … thanks, nmb.


you are welcome charley.

thanks for changing to hxxp and wxw shishya and if you have anything to ask you may.

nmb