Hi folks, I see this has been discussed in another thread but I can’t seem to find what is wrong with this website - hxxp://www.bernesemountaindog.co.nz. Avast reports the JS:Redirector-D trojan virus. It seems the general consensus is some obfuscated javascript file/snippets. I can’t quite figure out which one is doing this.

Has anyone found a solution for this kind of thing? I have not made any changes in the Joomla template so I’m not sure which part of the content is doing this. Any comments/suggestions would be greatly appreciated.

Cheers,
Dany ???

Hi…

I’m guessing this is a false positive as the scan I did with Dr. Web’s linkscanner (see image below) and at this site comes up clean. ???

You might want to report the link and have it further tested by Alwil: virus@avast.com

May God Bless you!

ardvark, Dr. Web scanning is very weak compared to avast capabilities. I do not think it’s a false positive, obfuscated javascript could me, in major cases, malware or hacking behavior.

The site is infected IMHO.

There is a block of obfuscated script just before the closing Body tag at the bottom of the page, this is masquerading as a counter and I doubt that is what it is as there would be no need to hide a counter in this way.

The script tag that it is contained in isn’t crafted/formatted/laid out in the same way as other scripts on the page, it was on a single long line of code, which I broke down to make it easier to see.

Definitely infected.

[i]Definitly looks as those this site has been ‘hacked’ in some way… >:(

I have a (free) site at Geocities and that code looks nothing like any code that Yahoo! puts into any of the web pages…[/i]