Virus warning...

[Suz702]

I keep trying to access a certain site.   I get a warning that there is a virus.   HTML:Iframe-inf   to be exact.  Now, others have gotten onto the site with no problems.   Can anyone tell me why I am getting this virus warning and what to do about it?

[spg SCOTT]

Hi Suz702,

This is a webshield alert, and as long as you have clicked on the 'abort connection' button, you should be safe.

This kid of alert is very common with many legitimate sites becoming infected.
The reason many other people are able to get to the site could be from using another av, and many others don't even scan for this kind of thing, let alone alert on it.

Please could you provide us with the site url?

Please could you make the link unclickable (i.e. change http to hXXp) to prevent others potentially becoming infected please?

-Scott-

[Suz702]

 hxxp://www.ask3.co.kr/

[spg SCOTT]

Hi,

There is a maliucious, hidden Iframe outside of the closing html tags, not a good sign...

The iframe links to a malicious domain:http://www.mywot.com/en/scorecard/parkinglotbet.cn

The Iframe also tries to redirect outside of the standard port by using port 8080, this is to try to avoid scanning, but as you have seen avast! is on top of it

-Scott-

[Suz702]

So is there anyway to report this to them?  I would really like to access their site.  I don't have contact info for them. 

[spg SCOTT]

You could do a whois lookup:
http://whois.domaintools.com/ask3.co.kr

The contact email is there if you wish to let them know.

If you do, I would make them aware of this thread also...