Question to the technical people out there.
I got a call from a client saying her stock list wasn't updating on the websites FTP so I check it out to find a block from AVG saying the site is infected with a JS/REDIR.
I find out the index file is infected or rather, there's code in there that probably leads people to some porn site.
My question is how did that get on there? The only person who accesses it is the client. Is it possible there's a virus on her PC that is programmed to access FTP's and replace the index file?
Might want to add that I replaced the index with an old one from my HD and all is fine. I just want to know how it got on there.