Yesterday I was on this page wXw.staznosti.sme.sk and when I browsed on this page bounced alert from avast!. Virus found HTML:IFrame-EW [Trj]. And what next? This page has over than million users per day. The infiltration was found on this path
wXw.staznosti.sme.sk/favico.ico
This is false virus. Please make something with that.
Generally, avast detection is accurate in these cases.
Isn’t it an encrypted/obfuscated script or iframe?
Wasn’t the site hacked?
Maybe you could contact its webmaster.
I changed this link and slovak or czech tech from avast! support can wirte some reactions on this problem. I wrote to sme.sk administrators and dont reply me.
Well I have the latest VPS and I don’t get an alert, that is with firefox 3.5.2.
As I said I went to the Home page and not as you have done directly to the favico.ico file.
If I do that the alert happens and the reason it happens is you get a 404 error page and at the bottom of the custom 404 page is the injected script tag containing the iframe tag, see images.
So more work to be done on the site, they may have removed the favico.ico file but a missing file has activated the 404 error page which has also been hacked.