I have a user who claims that his virus protection program alerted him to a trojan horse in one of my programs that he tried to access. I checked the file names that he should have come in contact with and everything looks okay on the server. I've never had a complaint like this and I am not sure how to hunt it down. Any advice?
Try to scan with the same app they used.
Mystery solved... I installed Google's Re-Captcha three days ago, to try to insure that spammers couldn't feed a bunch of spam on my program's initial 'set up account' email request. Apparently the bad guys broke into Re-Captcha and installed HTML: Bankfraud ZG. The fix? I pulled the plug on the Re-Captcha. The various security programs seem to be aware of it...and, since I keep a log, only a handful of people were at risk. I've learned my lesson.
Glad to hear it! Please consider marking this thread as RESOLVED ;-) :-)