Hi, I started a wordpress blog - tvundfilm.at - and a visitor who’s using avast told me that he got a warning: Infektion:
js:Iframe-DL.

After researching on the web and talking to some friends (inluding the serverhost) I am not really sure, if this really is a malicious trojan or maybe only a wrong avast notification?

Servus,
the site is infected…!!
Details: http://sucuri.net/malware/malware-entry-mwjs2368

Wordpress is a huge target and only recently subject to exploit/hacked sites, due to having an old version of wordpress which have vulnerabilities.

Tens of thousands of sites suffered attack and one related to the timthumb theme being exploited.

So I don’t know if you or your host have the latest wordpress version installed.

Wordpress version: WordPress 3.2.1
Wordpress version from source: 3.2.1
Wordpress Version 3.2 based on: hxxp://tvundfilm.at/wp-includes/js/autosave.js
Wordpress directory: hxxp://tvundfilm.at/wp-content
Wordpress theme: hxxp://tvundfilm.at/wp-content/themes/Petra/

VirusTotal
http://www.virustotal.com/url-scan/report.html?id=5768279edd0018c1d1bed4e8cb108afd-1321277960
http://www.virustotal.com/file-scan/report.html?id=8250ed52f8caecd78497b78fbdb3dfa6c34eab0b9484e6aa094fae026feafd1d-1321281561

The issues are confirmed in previous reports are still there according to the sucuri scan.

Scanning the site for other issues, we also found that the site uses Flash. Flash also has the additional danger of LSO Cookies. The site also uses of tracking graphic. Spam check and safe browsing are all green,
Webutation gives the site 80 points: http://www.webutation.net/go/review/at.saferpage.de?req=tvundfilm.at
See: http://urlquery.net/queued.php?id=8415 (suspicious)

polonus