Hi I’m looking for some help with a client’s web page/server that may be compromised with a web page Trojan. A JavaScript ( scipts.js ) is being adding dynamically to php pages and kaperski anti-virus reports that when visiting the page its trying to download a Trojan. Specifically trojan-downloader.js.Jscript.k
Need to help tracking down where the code is coming from and also how the page was compromised.
