Hi guys,
I'm having the same issue on our site - systems2win.com.
Same iframe-zg trojan
Same 404 error behavior
I won't bore you with the other steps we have taken to remove the trojan from infecting our web menus...
The root problem is that the trojan still remains active -
and the way that it manifests now is by appearing whenever a 404 error is triggered anywhere on our site.
Adding the suggested line of code to the htaccess file in our FTP folder somehow prevents our users from using their password to access FTP,
and that solution doesn't do anything for all of the other folders on our site - which I don't believe have an htaccess file.
It seems that with this solution, the trojan is being allowed to continue to exist, while simply trying to avoid triggering it.
Does anyone have any ideas for how to completely eliminate the Trojan?
One clue...
I notice that Avast gives the warning dialog when the Google Toolbar version of the 404 error appears -
and does not give the warning dialog when the regular 404 error appears (immediately following the Google Toolbar version),
but I'm not sure whether this is just because it has already given the warning - or because the warning is actually associated with the Google Toolbar dialog itself.
Any thoughts?