Author Topic: HTML: lframe-inf on my webstore. Please help.  (Read 30505 times)

0 Members and 1 Guest are viewing this topic.

jeff.cain

  • Guest
HTML: lframe-inf on my webstore. Please help.
« on: March 25, 2009, 05:50:03 PM »
Hi,
I run an online door business at www.doorclassics.com . I went to my website today and Avast gave me the warning not to access the site because of virus / worm "HTML: lframe-inf .  Please any advice would help, I do not want to lose our reputation we have worked so hard to build up.
Thank you all in advance.
Jeff Cain

Offline scythe944

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2913
    • My Tech Blog
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #1 on: March 25, 2009, 06:11:30 PM »
Actually, I can't really see anything wrong with the code on that page.

I'm no expert developer or coder though, so hopefully someone else can take a look at it and find out what's setting avast off.  Good luck!
For generic computer (not avast) problems, you can also visit my forum for help: http://www.jacobytech.net/forum

Offline scythe944

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2913
    • My Tech Blog
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #2 on: March 25, 2009, 06:14:47 PM »
nevermind, I figured it out.  At the end of that page, you have code that runs outside of the </html> tag.

Here's a snapshot:
Quote
</body>
</html>
<!-- text below generated by server. PLEASE REMOVE --><!-- Counter/Statistics data collection code --><script language="JavaScript" src="http://us.js2.yimg.com/us.js.yimg.com/lib/smb/js/hosting/cp/js_source/whv2_001.js"></script><script language="javascript">geovisit();</script><noscript><img src="http://visit.webhosting.yahoo.com/visit.gif?us1238001167" alt="setstats" border="0" width="1" height="1"></noscript>

Get rid of that, and you should be ok.
For generic computer (not avast) problems, you can also visit my forum for help: http://www.jacobytech.net/forum

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #3 on: March 25, 2009, 06:20:53 PM »
Your site has been hacked there is a hidden iFrame tag inserted just after the opening Body tag

See image of the code, I have broken it down to make it easier to view (it was on a single line).

Note: there is a couple of <script> tags inserted after the closing html tag and a <noscript> tag, a standards, no, no. These however aren't what avast is alerting on but the hidden iframe.



Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #4 on: March 25, 2009, 06:28:21 PM »
Note for scythe944.

When looking for some suspect script, you can use the avast detection as a bit of a helping hand. Where this detected an iframe, I just do a search for <iframe in the source code and that found the only iframe on the page. So it does make it a bit easier to find. If it related to a script issue JS, etc. then I look for <script tags.

If the script tags were the issue, posting them on this site would result in the same detection on this page. So even if they were wrapped in the Code tag would still be detected, which is why I generally use images to display any suspect code.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline scythe944

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2913
    • My Tech Blog
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #5 on: March 25, 2009, 06:28:54 PM »
Thanks man.  I thought I had it!  ;D

Oh, and I guess I'll start making pics of the code too... Sorry 'bout that, and thanks again.
For generic computer (not avast) problems, you can also visit my forum for help: http://www.jacobytech.net/forum

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #6 on: March 25, 2009, 06:33:01 PM »
You're welcome.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

jeff.cain

  • Guest
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #7 on: March 25, 2009, 06:59:50 PM »
Thanks guys for your quick response.  I built the whole site using frontpage and Yahoo's store, and I know almost nothing about HTML code itself.  We hired getupdated.com for SEO and they have been working on the code.  Can I fix this just by simply removing the html you pointed out?
Thanks again

Offline scythe944

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2913
    • My Tech Blog
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #8 on: March 25, 2009, 07:03:23 PM »
It looks like it.  The bigger problem is how the code got entered in the first place.

Either someone has hacked into your site, (so change your passwords for the web server) or the people that you hired has put that malicious code on your site, and you should be asking them why.
For generic computer (not avast) problems, you can also visit my forum for help: http://www.jacobytech.net/forum

jeff.cain

  • Guest
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #9 on: March 25, 2009, 07:27:26 PM »
I would like to get the HTML to accepted standards, could you explain exactly which code DavidR was referencing being after the HTML closing tag.  My html editor isn't showing anything after the closing tag.
You guys are a life saver!

Offline scythe944

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2913
    • My Tech Blog
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #10 on: March 25, 2009, 07:40:26 PM »
Well, DavidR was pointing out the actual code that was causing the IFrame message that Avast was complaining about.

You can find that code by searching for "iframe" in your html editor.

As for the code that I found, which is html code that was placed outside of the closing html tag (</html), that's located all the way at the bottom of the page.

There shouldn't be ANYTHING after </html>.  That tag basically means, this is the end of the page.  So, if there's more code after that, it should be above the </html> tag, not after it.

Hopefully you understand what I'm saying!

EDIT

I'll re-post my quote and add some color on the subject...

Quote
</body>
</html>
<!-- text below generated by server. PLEASE REMOVE --><!-- Counter/Statistics data collection code --><script language="JavaScript" src="http://us.js2.yimg.com/us.js.yimg.com/lib/smb/js/hosting/cp/js_source/whv2_001.js"></script><script language="javascript">geovisit();</script><noscript><img src="http://visit.webhosting.yahoo.com/visit.gif?us1238001167" alt="setstats" border="0" width="1" height="1"></noscript>

Alright, the blue code "</html>" should be the end of your page, but as you can see, the code in red is past that.  You either need to delete the red code, or move it above the blue code in order for it to be within spec.
« Last Edit: March 25, 2009, 07:43:49 PM by scythe944 »
For generic computer (not avast) problems, you can also visit my forum for help: http://www.jacobytech.net/forum

jeff.cain

  • Guest
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #11 on: March 25, 2009, 08:21:45 PM »
I figured out why I can't see it.  Yahoo (my web hosting provider) is adding it to my code upon publishing.  Even when I use Yahoo's html editor, it doesn't show up.  It appears the server is alerting me to remove something in my code but I can't find what it is talking about.  Any ideas!

Mr.Agent

  • Guest
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #12 on: March 25, 2009, 08:25:45 PM »
Contact the guy that builded your web will be my solution but if another ppl got some feel free to post :D

Offline scythe944

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2913
    • My Tech Blog
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #13 on: March 25, 2009, 08:27:15 PM »
LOL. Sorry to laugh, but it's kind of comical.

I can only tell you to call Yahoo's tech support (if that even exists) to see if they could help you out.  I run several websites myself, but I use my own servers to host them, so I'm sorry, but I don't know how to help.

Hopefully someone else can guide you further, or Yahoo can help personally...
For generic computer (not avast) problems, you can also visit my forum for help: http://www.jacobytech.net/forum

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: HTML: lframe-inf on my webstore. Please help.
« Reply #14 on: March 25, 2009, 08:30:11 PM »
@ jeff.cain
It should also be before the closing Body tag also if it is legit and you want it displayed on the page.

I couldn't recall if is a footer tag, having done a bit of a google there is a new footer tag in the HTML5 standards. All my web design was done in HTML4 standard. http://www.w3schools.com/tags/html5_footer.asp, this w3schools site also seems a very good source of information, http://www.w3schools.com/default.asp.

Frontpage, depending on what version may or may not be standards compliant, given that it is an M$ tool it used to have proprietary html tags that only worked with IE. So if you are serious about this you should ensure you have an html application that is wc3 compliant.

Yahoo may be getting its return in the price of free hosting, if you are paying for hosting I would be very p***ed off about it editing 'my' site. So I would be talking to Yahoo about the code being tagged to your page as shown in this topic.

I would also be complaining about my site being hacked and what were they going to do about this, their hosting software should really offer protection against this type of thing. You should also change your password you use to log on to edit the site to something much stronger.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security