Author Topic: A question / suggestion about html: Iframe-inf worm  (Read 2784 times)

0 Members and 1 Guest are viewing this topic.

lecsdude

  • Guest
A question / suggestion about html: Iframe-inf worm
« on: December 13, 2011, 06:55:18 PM »
Hello everybody,

I have a small problem or dilemma. Yesterday I wanted to find a Christmas wallpaper for my PC and I followed a link which was a legit Blogger profile which had a great picture of what I was looking for. As I click the link ( through Google search ) as the page was starting to load up, Avast alerted me that a worm called " HTML: Iframe-inf " was blocked, cheers to "Web Shield" and when I looked into the shield log it says:

 "Url: ( I won't post it for obvious reason ); Severity: High; Status: Threat: HTML:Iframe-inf ; Action: Blocked ; Result: - "

Now I did a normal scan and a boot time scan and both scan results were clean, no threat detected. So my question is: Am I in any danger since I didn't download the file and both scans turn up clean and also my PC is not showing any symptoms of being infected? ( remember that avast blocked the url ( file ) before it had a chance to be downloaded. ) ?

Thank you in advance.

Offline CraigB

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 11156
  • No support PM's thanks
Re: A question / suggestion about html: Iframe-inf worm
« Reply #1 on: December 13, 2011, 07:06:04 PM »
( remember that avast blocked the url ( file ) before it had a chance to be downloaded. ) ?

Thank you in advance.
I think you already answered your own question! avast did it's job so nothing to worry about  ;)

lecsdude

  • Guest
Re: A question / suggestion about html: Iframe-inf worm
« Reply #2 on: December 13, 2011, 07:08:36 PM »
( remember that avast blocked the url ( file ) before it had a chance to be downloaded. ) ?

Thank you in advance.
I think you already answered your own question! avast did it's job so nothing to worry about  ;)

Yeah thank you, I just needed some reinsurance about this ( wanted to hear from a pro :D ), I am just a bit paranoiac about things like this (had bad luck in the past with viruses/Trojans ), thank you for answering.

Oh one more question if I may ask: How does this "html:Iframe-inf" normally manifests itself, what symptoms would a PC/laptop/etc. show? :)
« Last Edit: December 13, 2011, 07:14:55 PM by lecsdude »

Offline CraigB

  • Avast Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 11156
  • No support PM's thanks
Re: A question / suggestion about html: Iframe-inf worm
« Reply #3 on: December 13, 2011, 07:17:16 PM »
Im far from being a Pro but your description of what happened made my answer very easy  :)

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86508
  • No support PMs thanks
Re: A question / suggestion about html: Iframe-inf worm
« Reply #4 on: December 13, 2011, 07:23:39 PM »
<snip>
Oh one more question if I may ask: How does this "html:Iframe-inf" normally manifests itself, what symptoms would a PC/laptop/etc. show? :)

The html:iframe-inf is generally an indication that a site has been hacked and an html iframe tag has been inserted. The iframe element can import and or run dynamic data, normally it will be trying to run something on a malicious site.

Links in google searches can also be crafted to A) make you feel you have what you are looking for and/or B) take you to an entirely different site with a redirect using an iframe tag. This is even more prevalent if it was a google image search.

There are no specific symptoms as the iframe tag (inserted into a web page) is just the vehicle and not the payload that may be at the remote location.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.2.6003 (build 22.2.7013.717) UI 1.0.697/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security