Got Html: Iframe-inf

I got the warning when entering xxx.chaloke.com showing that the file name : hxxp://comed46.com/webbands/weloveourkingright.gif{gzip} is a malware of VPS version 091125-1, 25/11/2009

The webmaster of chaloke.com told me his sever is Linux and NOT subject to infect the mentioned virus. Instead, the virus is on my computer (not his server).

What should I do then? Thanks.

Hi patt, welcome to the forum :slight_smile:

First and foremost, Could you please modify your link to make it unclickable (i.e. chage http to hXXp) to prevent others potentially becoming infected.

Currently, with the latest VPS version (091129-0) I get no warning visiting that site.

This could be due to one of two things:

  1. It was a false positive in the web shield that has been corrected in subsequent updates.
  2. The website has been cleaned of the infection since then.

One thing to mention though, is that techically the webmaster is slightly wrong. This kind of malware is the result of a website being hacked. This means that the html pages of his site have been modified to include an Iframe that is pointing to a suspect site.

This kind of detection is very common these days, with many ‘legitimate sites’ becoming hacked to distribute malware:

Every 3.6 seconds a website is infected


Some good reading about previnting this kind of thing, courtesy of DavidR:

-Scott-

Thanks for your advice. :slight_smile: