I have a user who claims that his virus protection program alerted him to a trojan horse in one of my programs that he tried to access. I checked the file names that he should have come in contact with and everything looks okay on the server. I've never had a complaint like this and I am not sure how to hunt it down. Any advice?
Thanks, robkir
Try to scan with the same app they used.
I would think it's not likely to be your PHP code itself, but some file that the browser is being instructed to load (image, javascript file, etc.), which might include any 3rd party advertisements you display on your site.
Mystery solved... I installed Google's Re-Captcha three days ago, to try to insure that spammers couldn't feed a bunch of spam on my program's initial 'set up account' email request. Apparently the bad guys broke into Re-Captcha and installed HTML: Bankfraud ZG. The fix? I pulled the plug on the Re-Captcha. The various security programs seem to be aware of it...and, since I keep a log, only a handful of people were at risk. I've learned my lesson.
Glad to hear it! Please consider marking this thread as RESOLVED ;-) :-)
