Author Topic: JS:Iframe-CG[Trj] & JS:Downloader-AZF[Trj]  (Read 3947 times)

0 Members and 1 Guest are viewing this topic.

seikooc

  • Guest
JS:Iframe-CG[Trj] & JS:Downloader-AZF[Trj]
« on: October 30, 2011, 04:40:22 AM »
I created a website by myself, Avast alarms that threats found:

JS:Iframe-CG[Trj] & JS:Downloader-AZF[Trj]

And cannot repair them, Error: The file was not repaired. (42060)
 
I cannot even open the website anymore on my computer, but can visit it on any other computer without Avast, all other anti-virus / Internet Security softwares did not find any problem with the website or the files on it. I've tried latest Kaspersky, NIS, Norton Enterprise, ESET Nod32, all of them found nothing wrong with the files.

Some JS are downloaded from WordPress official installation pack, Avast finds treats in it. How come? I Scanned my computer for treats, Avast found nothing, only those file on the website have problem.

I even contacted my hosting company, they did not find any treats too!

I wonder if I can send the file to a Avast expert to exam the codes?
To me it seems false positive report, but I cannot edit / visit my website on my computer unless I uninstall the Avast!

oscar8h

  • Guest
Re: JS:Iframe-CG[Trj] & JS:Downloader-AZF[Trj]
« Reply #1 on: October 30, 2011, 05:03:54 AM »
JS:Iframe-CG[Trj] & JS:Downloader-AZF[Trj]

When threats were identified.
So it has proved identified Files.
« Last Edit: October 30, 2011, 05:06:53 AM by oscar8h »

alpha1

  • Guest
Re: JS:Iframe-CG[Trj] & JS:Downloader-AZF[Trj]
« Reply #2 on: October 30, 2011, 05:20:22 AM »
first of all i'm assuming that by "treats",you mean threats,since halloween isn't here yet,lol. ;D
as for the website,you can post link here so developers can see it and see what the problem is.
just make sure you dont post the link as active,e.g by replacing http with hxxp.
« Last Edit: October 30, 2011, 10:36:14 AM by alpha1 »

seikooc

  • Guest
Re: JS:Iframe-CG[Trj] & JS:Downloader-AZF[Trj]
« Reply #3 on: October 30, 2011, 05:29:46 AM »
xxxxxxxxxxxx

I backed up it with ftp software, then Avast found 25 threats in the backup folder! And could not repair them, I cannot delete those files, or the website will not function properly.

Also Sucuri.net SiteCheck can find the codes that contain threats.

Thanks all, really appreciate!
« Last Edit: October 30, 2011, 08:41:27 AM by seikooc »

alpha1

  • Guest
Re: JS:Iframe-CG[Trj] & JS:Downloader-AZF[Trj]
« Reply #4 on: October 30, 2011, 05:48:06 AM »
Thanks all, really appreciate!
you're welcome.

Also Sucuri.net SiteCheck can find the codes that contain threats.
is it can or can't?
because if it's can,then there probably is some sort of infection.

Avast found 25 threats in the backup folder! And could not repair them,
if they are in fact infected,some of the other members here(or developers)will tell you how to proceed.


seikooc

  • Guest
Re: JS:Iframe-CG[Trj] & JS:Downloader-AZF[Trj]
« Reply #5 on: October 30, 2011, 06:21:02 AM »
I tried to replace the infected javascript files with the originals, seems solve the problem,
but still has MW:IFRAME:HD203 on the index page, seems came from some SEO scripts

Okay, finally got rid of the virus / threats / Trjs / MWs,

it's the SEO tool generated js codes that was infected. Removing those codes solved the problem.

Thanks guys!
« Last Edit: October 30, 2011, 08:45:13 AM by seikooc »

alpha1

  • Guest
Re: JS:Iframe-CG[Trj] & JS:Downloader-AZF[Trj]
« Reply #6 on: October 30, 2011, 08:56:21 AM »
no problem,good luck. :)