You might be alerted about this trojan when you visit a site that loads content from other sites. This external content could infect you with malware.
If you are the admin or owner of a site that is being detected with this trojan, we recommend you check that you do not have links to old or obsolete servers or URLs.
is usually found in webpages compromised through SQL Injection
attacks or through Blackhat search engine optimization (SEO)
poisoning. This detection might also be triggered if the webpage containing this script is stored in the browser's cache.
Earlier variants of Seedabutor were spread through compromised webpages, emails and downloaded by other malware.
When you open your browser and try to visit a website the trojan will redirect your browser to dsnetservices/?epl=.
It might also load an Iframe referring to a domain with its own name, for example <self domain>?epl=.
Analysis by Methusela Cebrian Ferrer
Your browser might try to open a webpage to the following server: dsnetservices/?epl=.
However, there are no other particularly common symptoms associated with this threat - links are activated within IFrames while viewing web content on maliciously modified pages.