Not detected by avast..

[polonus]

Malware resides here:
hxtp://oceallaigh.org/leftarrow.gif & htxp://oceallaigh.org/rightarrow.gif
virustotal scan results: http://www.virustotal.com/file-scan/report.html?id=c6dddf44f106213d2ad023337196056f47046e63ac052ab4cdc1bd43f9e13938-1301074346
read about detected malware: http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FGiframe.A
Not detected here: http://wepawet.iseclab.org/view.php?hash=7e4a0fa24a9b25cec4104db2c7da0500&t=1301074548&type=js

polonus

[spg SCOTT]

Interesting...a gif which has all that info...Spot the iframe

A true gif is not nearly as well formatted

[polonus]

Hi spgSCOTT, thanks  for making that visible to us all, webmasters should read this article here: http://sandeepverma.wordpress.com/2011/01/30/how-to-clean-malware-from-website/
the issues summed up there:

The possible HOLES may be:
1. File/Folder permissions
2. Poor authentication for application
3. Cross-Site Scripting
4. Cross-Site Request Forgeries
5. Anti-Virus Software
6. File formats
7. Network “Firewalls/Filters”
8. Shell access & Logs

Webmasters should do a free scan at sucuri: http://sitecheck.sucuri.net/scanner/
and update and upgrade their vulnerable web apps, before they are taken to the test by less friendly minded people (malcreants),
also run a secunia online test to make sure you have the latest updates for all software:
http://secunia.com/vulnerability_scanning/online/

This is what google has to say on the matter: http://www.google.com/support/webmasters/bin/answer.py?answer=163634

polonus