Avast! 4.8 Home Edition found HTML:IFrame-EZ [Trj] in an email while downloading emails into Thunderbird. I put the email in the Virus Chest and it is there in the Infected Files area.
I don’t understand how or why this virus was found in an email or what I can do to examine the cause if it is a false alarm. I did a search and saw that someone else had encountered this virus while browsing, but I was not browsing. Can someone explain?
thanks for asking but i don’t know what the url is since i was not browsing. the email is in the virus chest. is there a way to read the contents of an email in the chest so i can determine what the url is?
It was in the html formatted email message that was downloaded. IFrame is an HTML element. You would not see it directly(and should be highly careful about trying to open an html email file that contains one. You would want to open it in notepad rather than an application that will try to run the page(browser, email program, etc).
I have this virus too. Just with another name “HTML:IFrame-HO [Trj]”
If you open with Notepad one HTML page on your PC you will see in the end that :
…
That “iframe” redirect your page to this link and download .EXE .
Avast report for Win32:Virut.NBP.
Virut can be cleaned , but “HTML:IFrame-HO [Trj]” only manually !
I have another one “WIN32:Vitro” (next Virut generation) Avast only inform me , but can’t repair.
I can see virus code in .EXE file when open file with FX and on position 00024 have : 1B 61 01
Original (clean file) look that : 00024 : 00 00 00
From what I heard Vitro and Virut Are nasty, destructive, and infects files at the rate rabbits reproduce. Your gonna be in for a battle for your computer.