I am a small hobby store owner. I recently downloaded avast trial version, and have it currently running.
I went to my site and noted that many pages were coming up lframe-inf.
I followed the instructions on the original post but could not find any lframes on my pages.
Hoping someone can help :
Any help appreciated. 
Thanks for your time in this matter
It looks to be in the fav icon
I will ask iDonovan to have a look when he gets here ;D
Hi lgfc_2012,
Is there any specific page that avast! alerts? If you would please post a screenshot of the alert.
Hi !Donovan,
I answered in the other post open on this issue.
The alert is from Avast Webshield Malware being blocked Avast has blocked a malicious website or file
Object: hxtp://www.ladygouldianfinch-ca.com/favicon.ico (malware doing a redirect)
Infection: HTML:Iframe-inf
Process (browser executable)
polonus
Here it is
Hi essexboy,
Only difference that I got that txt in Dutch and for chrome.exe (as I went there with Google chrome).
Sucuri gives this report with security warnings: http://sitecheck.sucuri.net/results/www.ladygouldianfinch-ca.com/
IP-location risk also plays here and security issues as I mentioned in the other posting.
Site gives away full version number of server software to the world, that is a security risk
Site has FrontPage/5.0.2.2635
Powered by: PHP/5.2.14
with many security flaws that can be abused by malcreants, especially PHP is “renowned” insecure,
but here it seemed to have been a hidden iFrame,
polonus
What does this mean?
I am no web developer so am having someone do the site bit by bit.
What is the .ico is that the flash player. If not, is it nec? Can I delete it?
appreciate the help
They should check your error handling in the .htaccess file,
polonus
where is this .htaccess file found ?
Am in the site now so can fix it if I know where it is.
favicon.ico seems to lead to the 404 page that contains the iframe redirect.
No, this should be done at the server where your website is being hosted. You should take the issue up with them at cp5.hostserve.net,
polonus
ok fixed the 404 now what?
What do i say to hostserve? How can I get better protection from them?
I see there 2 instances of it GET /favicon.ico HTTP/1.1:
response: HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Mon, 16 Jul 2012 20:39:00 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635
Accept-Ranges: bytes
Content-Length: 1269
Keep-Alive: timeout=15, max=93
Connection: Keep-Alive
And for your hosting service, you could give a link to this thread and the oyher one,
polonus
I still get the iframe.
ok found another 404 in my main file. Not sure why I have two, can I delete one?
please retry.
Yes and what it redirects to is also blocked by avast Networkshield as URL:Mal
polonus
Both 404 are fixed working on other 00 files.
Yes, adotd, I also was able to read !Donovan’s image. That site is being blocked by avast Networkshield. Only proofs that it is hidden iFRame malware and malcious as such, see where it stems from http://www.pagesinventory.com/domain/neoaxial.org.html
polonus