Trojan in my own blog or a False Positive?

[Guest]

[skynet71]

Hi everyone. Comodo keeps detecting a trojan in my own blog, could it be a false positive? Maybe from a javascript widget? The Comodo only detect it when I open my blog with the IE8, with firefox everything is ok  . Can anyone help me please?

My blog is hxxp://fossaceptica.blogspot.com

And here is the Comodo log:
C:\Users\Marco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2S5MJXV0\TyntLite[1].js

TrojWare.JS.TrojanDownloader.Iframe.boi[at]42770545

Edit:
I case it is bad i disabled the link to prevent direct infection !!

[HeffeD]

You can submit the file to VirusTotal and see what it thinks.

If you feel it's a false positive, you should also submit the file to Comodo Malware Analysis so they can check it out and they'll add it to the whitelist if it is in fact a FP.

[Ronny]

Site inspector reports it as malicous... so I'd be carefull with this...

[OmeletGuy]

Only Comodo detects it.

http://www.virustotal.com/analisis/8b31c71af532b3789df92f73eb0a10169f13e101b30f60b8446f0f4b2c53fcd4-1253825749

But since Site Inspector says its malicous, i would say its bad and not a FP.

We need a "What to do if your website is infected" thread.

[skynet71]

Hi, thank you for the help.

I've disable the widgets one by one to see if the problem was with those, and finally traced it back to the stats widget from http://whos.amung.us/.

In fact I search it in Google and find out that there are a lot of people complaining about the same thing (http://wordpress.org/support/topic/304563), wich is odd, since whos.amung.us its a very well known widget among bloggers, and the problem is reported only by some antivirus. Any way, trojan or not, I've change the widget to its non javascript version and everything its ok now, I didn´t want to scare off my readers 

Thank you everyone, and sorry for the really bad english, i'm not use the write it 

[Ronny]

  well done, and no problem on the English it's good.

[Tags:]