Author Topic: Encounter with "HTML:Iframe-inf" virus alert on Website  (Read 29517 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33929
  • malware fighter
Re: Encounter with "HTML:Iframe-inf" virus alert on Website
« Reply #15 on: March 29, 2009, 11:42:23 PM »
Hi posters of this thread,

Everybody happy, another issue resolved,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Shalimar

  • Guest
Re: Encounter with "HTML:Iframe-inf" virus alert on Website
« Reply #16 on: March 30, 2009, 07:44:48 AM »
TO:  DAVIDR
Thank you so much for all your assistance...I really do appreciate it!!!  (Persistence really can pay off!)
I think it was great that Peter of viewmy.tv jumped right in and participated, too, in order to help resolve the problem.

TO:  Polonus
Happy?  Hmmm...happy as a honey bee in a field of wildflowers! Thanks!




Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89329
  • No support PMs thanks
Re: Encounter with "HTML:Iframe-inf" virus alert on Website
« Reply #17 on: March 30, 2009, 03:28:17 PM »
You're welcome.

It is a breath of fresh air when someone from the company takes a direct interest (some would just deny the problem exists) as this does make it easier to resolve than going through a third party.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.5.6116 (build 24.5.9153.762) UI 1.0.808/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

punto-rojo

  • Guest
Re: Encounter with "HTML:Iframe-inf" virus alert on Website
« Reply #18 on: March 31, 2009, 06:06:50 PM »
Hello everyone!

A few days ago our server (Dreamhost) was down for some hours, after this our web and forum seems to be infected with this Iframe:



¿Is it a real infection or what? ¿How can we resolve this?

Excuse for the english (we're from Spain) and thanks a lot!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89329
  • No support PMs thanks
Re: Encounter with "HTML:Iframe-inf" virus alert on Website
« Reply #19 on: March 31, 2009, 06:37:56 PM »
First link there are a couple of hiden iframe tags after the closing html tag a standards no, no, one too google-stat.com which somehow I don't thing is google and legit. See images, I have broken up the code to make it easier to see in the image as it is all on one line.

See, http://www.mywot.com/en/scorecard/google-stat.com and https://safeweb.norton.com/report/show?name=google-stat.com. Somehow I doubt you placed them there.

2nd link forums, same sort of issue stuff after the /html tag but the major one is the hidden iframe tag to google-stat.com again.

So looks like your site and forum have been hacked and you need to strip out these malicious hidden iframes.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.5.6116 (build 24.5.9153.762) UI 1.0.808/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Battou

  • Guest
Re: Encounter with "HTML:Iframe-inf" virus alert on Website
« Reply #20 on: January 30, 2010, 02:23:49 AM »
Sorry to ressurect this, but how do I get past this to inform the site triggering it?


After aborting the connection the entire page fails to load making it a bit difficult to notify the site that it is triggering an Iframe Virus alert.



Now, I work for a site that uses Iframes and have never triggered one of these prior to tonight not to mention the particular site never triggered it until about half an hour ago. So I am inclined to believe there is infact something not right with the site triggering it now and something should be said.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89329
  • No support PMs thanks
Re: Encounter with "HTML:Iframe-inf" virus alert on Website
« Reply #21 on: January 30, 2010, 02:55:41 AM »
The entire page will fail to load if the infection is in the actual code of the page, so you can't easily get by without disabling the web shield, not what you want to do if the site has been hacked. Most sites have email contacts and webmaster (at) effectedsite.com, etc. usually gets through, some however block this. You could try a whois domain check and that should give you some contact emails.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.5.6116 (build 24.5.9153.762) UI 1.0.808/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security