Hi,
I run an online door business at www.doorclassics.com . I went to my website today and Avast gave me the warning not to access the site because of virus / worm "HTML: lframe-inf . Please any advice would help, I do not want to lose our reputation we have worked so hard to build up.
Thank you all in advance.
Jeff Cain
Actually, I can’t really see anything wrong with the code on that page.
I’m no expert developer or coder though, so hopefully someone else can take a look at it and find out what’s setting avast off. Good luck!
nevermind, I figured it out. At the end of that page, you have code that runs outside of the tag.
Here’s a snapshot:
Get rid of that, and you should be ok.
Your site has been hacked there is a hidden iFrame tag inserted just after the opening Body tag
See image of the code, I have broken it down to make it easier to view (it was on a single line).
Note: there is a couple of tags inserted after the closing html tag and a tag, a standards, no, no. These however aren’t what avast is alerting on but the hidden iframe.
Note for scythe944.
When looking for some suspect script, you can use the avast detection as a bit of a helping hand. Where this detected an iframe, I just do a search for <iframe in the source code and that found the only iframe on the page. So it does make it a bit easier to find. If it related to a script issue JS, etc. then I look for <script tags.
If the script tags were the issue, posting them on this site would result in the same detection on this page. So even if they were wrapped in the Code tag would still be detected, which is why I generally use images to display any suspect code.
Thanks man. I thought I had it! ;D
Oh, and I guess I’ll start making pics of the code too… Sorry 'bout that, and thanks again.
You’re welcome.
Thanks guys for your quick response. I built the whole site using frontpage and Yahoo’s store, and I know almost nothing about HTML code itself. We hired getupdated.com for SEO and they have been working on the code. Can I fix this just by simply removing the html you pointed out?
Thanks again
It looks like it. The bigger problem is how the code got entered in the first place.
Either someone has hacked into your site, (so change your passwords for the web server) or the people that you hired has put that malicious code on your site, and you should be asking them why.
I would like to get the HTML to accepted standards, could you explain exactly which code DavidR was referencing being after the HTML closing tag. My html editor isn’t showing anything after the closing tag.
You guys are a life saver!
Well, DavidR was pointing out the actual code that was causing the IFrame message that Avast was complaining about.
You can find that code by searching for “iframe” in your html editor.
As for the code that I found, which is html code that was placed outside of the closing html tag (</html), that’s located all the way at the bottom of the page.
There shouldn’t be ANYTHING after . That tag basically means, this is the end of the page. So, if there’s more code after that, it should be above the tag, not after it.
Hopefully you understand what I’m saying!
EDIT
I’ll re-post my quote and add some color on the subject…
Alright, the blue code “” should be the end of your page, but as you can see, the code in red is past that. You either need to delete the red code, or move it above the blue code in order for it to be within spec.
I figured out why I can’t see it. Yahoo (my web hosting provider) is adding it to my code upon publishing. Even when I use Yahoo’s html editor, it doesn’t show up. It appears the server is alerting me to remove something in my code but I can’t find what it is talking about. Any ideas!
Contact the guy that builded your web will be my solution but if another ppl got some feel free to post 
LOL. Sorry to laugh, but it’s kind of comical.
I can only tell you to call Yahoo’s tech support (if that even exists) to see if they could help you out. I run several websites myself, but I use my own servers to host them, so I’m sorry, but I don’t know how to help.
Hopefully someone else can guide you further, or Yahoo can help personally…
@ jeff.cain
It should also be before the closing Body tag also if it is legit and you want it displayed on the page.
I couldn’t recall if is a footer tag, having done a bit of a google there is a new footer tag in the HTML5 standards. All my web design was done in HTML4 standard. http://www.w3schools.com/tags/html5_footer.asp, this w3schools site also seems a very good source of information, http://www.w3schools.com/default.asp.
Frontpage, depending on what version may or may not be standards compliant, given that it is an M$ tool it used to have proprietary html tags that only worked with IE. So if you are serious about this you should ensure you have an html application that is wc3 compliant.
Yahoo may be getting its return in the price of free hosting, if you are paying for hosting I would be very p***ed off about it editing ‘my’ site. So I would be talking to Yahoo about the code being tagged to your page as shown in this topic.
I would also be complaining about my site being hacked and what were they going to do about this, their hosting software should really offer protection against this type of thing. You should also change your password you use to log on to edit the site to something much stronger.
waiting on Yahoo’s tech phone call… I’ll let you know if they shed any light on it.
Good deal. I hope they can help!
They said it is on every Yahoo hosting account and store account. It is their data collection code and they said they have never had any problems from it. I don’t really have an option to remove it, so I guess it stays. Sorry to waste you guys time, but again thanks so much for fixing the hack on my store.
You’re welcome.
If they are going to insert code than tell them they should be complying with wc3 HTML standards.
What stats are they gathering (more importantly did they tell you about this and did you agree to it) ?
What did they say about your site being hacked ?
Of course you have a say in it, vote with your feet/wallet and seek out another hosting company and one that remembers their position as a service provider and you being the customer.
I started building the site with them in 2004 so I’m sure I agreed to their terms somewhere. It does state in their privacy policy that I display on my page that they collect data regarding your shopping experience. As far as voting with my feet, I wish it were that easy. I built almost the whole store on their yahoo store proprietary software. I know I could rebuild, but that is all I have been using since 2004 and I already have a non webrelated full time job taking up my time (plus a wife and 3 kids!) For now it will have to stay with yahoo. Overall I have been satisified with their service.