Malware on Inverto's website

Anyone else get a trojan horse warning (PHP:C99Shell-A) from the file http://www.inverto.tv/IMG/faq/dan.jpg when going to the Inverto home page? Or is Avast just being paranoid over a false positive?

Probably worth making sure your anti-virus is fully patched before trying, in case it is for real!

Nothing on my laptop, but there again only a line of script came up with no picture.
Dave

Shock horror, I emailed them and (although no personal response) they removed it. Someone's alive there?

Hi Guys  I recently got some evil junk mail on my hotmail account. It alleges as this forwarded text shows that it has come from admin@invertoforum.co.uk. I would just like to warn you and others that somebodys security has/might have been breached. I thought that my security was tight. However I have recently changed and now use Microsoft Security Essentials as my first line of defence and like all MS products I am not sure how reliable it is. I also run AVG, Spybot and SpywareBlaster in the background and usually get very little in the way of junk mail. Here is the header etc from this mail PLEASE everyone watch out for similar rubbish coming through and avoid following any links in this sort of unsolicited mail. Browser
> Subject: ararWvvSiueTetTx
> From: admin@invertoforum.co.uk
> Date: Mon, 5 Apr 2010 10:53:02 +0000
>
> tKb97V wnbggyroymws, nhgguigxpqan, [link=http://fgfpsclmepvv.com/]fgfpsclmepvv[/link], http://jrauhdyyqizw.com/

I have kept the original mail if one of you administrators would like a copy. B

Hi Browser, sorry about that, not sure where it came from but if Sneeks sees this I'm sure he'd like to know. Thanks for the warning.
Dave

All domains occasionally get used by spammers in the email addresses, which are invariably faked. Unless the actual SMTP headers trace back to an Inverto Forum server, there is nothing specifically to worry about in terms of system compromise. It's just annoying because although no-one human believes the email addresses any more, there are still some dumb spam filters that do, so the poor individual whose email address was arbitrarily chosen can get hundreds of rejection messages.

On the other hand, with all the millions of domains out there, the chances of a spammer faking using Inverto Forum targeting one of us is somewhat lessened - though far from impossible given the volume of messages sent.

The reason they are using this address, of course, is because someone who has received mail from this address has been compromised. They'll grab an addressbook and use these addresses as ones which are pretty certain to get through filters etc (and might be recognisable). So if a community member has been got, then all his/her friends will be on the list and they'll get mail from others in the list and it continues ad infinitum (until someone manages to switch it off). The likelihood of invertoforum or whereever being compromised is pretty small especially if people's malware scanners are not picking anything up.

Just come to this site and found adverts at the top of the index page. 1 Says I can have a free macbook if I follow links etc 2 Is about an American banker who can make us all rich if we contact *****website. Anyone know how these have got onto the site? They seem to have gone now BUT it is a worrying development if no-one knows about it. Browser

Seems like it is my computer. These popups are occurring randomly on other websites too. I seem to have a couple of tracking cookies which could be the cause. I won't be able to rest until this behaviour is gone. Oh bother! (or words to that effect) B

Hi Browser, I think it must be you, checking the top of my page and all is as it should be, I think a scan and clean up is in order for you.
Dave