WARNING, PEOPLE!!! The trojans are mutating faster than we can keep up with. In one of my recent postings, I warned everyone about the Illredir-B trojan, to which Mike kindly provided a script to help us remove the trojan from our websites. In less than 2 weeks, we have been alerted that it has mutated into Illredir-C. Mike quickly modified to script to eliminate both trojans.

Today, a friend asked me to take a look at her website and Avast has detected it as Illredir-D, and when I tested Mike’s script, it wasn’t able to remove the trojan, which means it has mutated into a pattern different from the earlier two; so a further modification of the script will be needed to wipe this out.

It sounds almost like biological warfare with virus mutation.

My hat off to Avast for its quick detection, even though it is free for personal use. My AVG Free did not detect it. I’m so disappointed in it, having believed in it and recommending it to friends for the past few years.

I have also tried a few online website virus scans which were not able to detect this trojan. This is quite a worrying thought, that few antivirus programs are able to keep up with the new trojans, viruses and malware that are mushrooming more quickly than ever.

The good news is that Google is able to detect the malware, and if it has been submitted to Google webmaster, it will block access to the website upon detection of these malwares. You may come across a screenshot like the following:

Snapshot of Google blocking a website. I have blurred the website URL for privacy
Snapshot of Google blocking a website. I have blurred the website URL for privacy


To ensure your own protection, please please please get a good antivirus software!! I highly recommend Avast because even though I’m using the free licence, it is able to detect and block the trojan. Another one that is able to detect this virus (or so I’m told) is Kaspersky, but it’s not available for free download.

[Note: I hope this post will not be ripped off like the earlier post. If you wish to repost this blog entry, please include the original link to this entry which is http://www.zyenweb.com/2010/01/19/trojan-alert-illredir-billredir-cillredir-d/. Thank you.]