Free Version 8.0.1497 Definition File 130919-4 on Windows XP Pro SP3
I have a site with a link to a date and time website.
Sometimes Avast reports the iframe element as a problem and blocks the page, other times not - it seems to vary as definition files are released and update…as far as I am aware, the website poses no threat or risk.
The latest Virus Definition File 130918-4, so I can only assume a typo in your post.
Well iframes aren’t the issue, rather the content of the iframe. Frequently iframes are used to access 3rd party sites and can either import data or run scripts.
Having visited that link using firefox 24.0 I don’t get any alert, which is why there was a suggestion to post a screenshot of the alert.
Not sure what you cleaned up on your system, the alert info should still be in the web shield log info.
urlQuery report: http://urlquery.net/report.php?id=5535891
scroll down to Recent reports on same IP/ASN/Domain there you find some URL that have detection from Suricata filter
To me (your attached image) that is an indication of an infection, probably a hacked site.
The favicon.ico file is the little image that is placed to the left of address area in your browser window. Since these are images, it is highly suspect for it to contain an iframe in that file.
So somewhere there was a redirection from the timeanddate.com to the christabelli.com/favicon.ico file and that is what avast is complaining about suspect iframe inside a favicon.ico file.
I can’t find any reference/redirect to christabelli.com on the timeanddate.com, perhaps it has been removed by the sites webmaster, etc.
(current definition file 130919-1)
Just now I had this warning…2 screenshots attached…it’s my friend’s company website…I’m not sure what this new warning means…
Ok, I’ll remember that next time
But what is the problem? Is it a site problem that they need to be aware of, or something I can do/change on my machine?
Hello,
this alert means, that you was redirected by hidden iframe to one stage of Blackhole Exploit kit.
In this stage, javascript check your browser for vulnerabilities.
If you open “Avast → Security → Web Shield → shield log” and move mouse over URL column, you will see whole address instead of hxxp://…/ and we can determine which files to look for.
Thank you, i made a little check and site hitechsteels.com have vulnerabilities.
Admin should update word-press plugins and most of all the nextgen gallery plugin.
Site might be allready infected so restoring it from backup and update could be a way to get rid of it.